Bug 345565 - app-text/xpdf: Denial of Service and Arbitrary Code Execution Vulnerabilities (CVE-2010-{3702,3704})
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: ftp://ftp.foolabs.com/pub/xpdf/xpdf-3...
Whiteboard: B2 [ebuild]
Reported: 2010-11-15 04:56 UTC by Tim Sammut (RETIRED)
Modified: 2011-01-03 03:39 UTC

Description Tim Sammut (RETIRED) gentoo-dev 2010-11-15 04:56:24 UTC
From the NVD:

CVE-2010-3702: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. 

CVE-2010-3704: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. 

Upstream has released 3.02pl5, ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch.
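
Added example, not part of the original bug report and not xpdf's or poppler's code: the bug class named in the CVE-2010-3704 text, a negative array index getting past input validation, shown as an upper-bound-only check beside a two-sided one while parsing a Type1 `dup <code> /<name> put` encoding entry. That the bypassed validation was an upper-bound-only comparison is an assumption, and the function names, buffer sizes and sample lines are hypothetical and constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ENC_SIZE 256      /* a Type1 encoding vector has 256 slots */
#define NAME_MAX_LEN 31   /* hypothetical per-slot name limit */

/* Upper-bound-only test (the weak pattern): a negative code passes it,
 * so enc[code] would address memory in front of the array. */
static int weak_index_ok(long code) { return code < ENC_SIZE; }

/* Both bounds checked: only codes 0..255 are accepted. */
static int strict_index_ok(long code) { return code >= 0 && code < ENC_SIZE; }

/* Parse one "dup <code> /<name> put" line into enc[code].
 * Returns the code stored, or -1 if the line is rejected. */
static int set_encoding(char enc[ENC_SIZE][NAME_MAX_LEN + 1], const char *line)
{
    char *end;
    long code;
    size_t n;

    if (strncmp(line, "dup ", 4) != 0)
        return -1;
    errno = 0;
    code = strtol(line + 4, &end, 10);
    if (end == line + 4 || errno == ERANGE)   /* no digits, or overflow */
        return -1;
    if (!strict_index_ok(code))               /* rejects negative and > 255 */
        return -1;
    if (end[0] != ' ' || end[1] != '/')
        return -1;
    end += 2;
    n = strcspn(end, " \t\r\n");
    if (n == 0 || n > NAME_MAX_LEN)           /* name must fit the slot */
        return -1;
    memcpy(enc[code], end, n);
    enc[code][n] = '\0';
    return (int)code;
}

int main(void)
{
    static char enc[ENC_SIZE][NAME_MAX_LEN + 1];
    /* Constructed sample entries, not taken from a real font. */
    const char *lines[] = { "dup 65 /A put", "dup -1 /A put", "dup 256 /A put" };
    for (size_t i = 0; i < 3; i++)
        printf("%-16s -> %d\n", lines[i], set_encoding(enc, lines[i]));
    printf("weak check accepts -1: %d\n", weak_index_ok(-1));
    return 0;
}
```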
Comment 1 Alexis Ballier gentoo-dev 2010-12-28 20:41:57 UTC
not for us afaik as we use poppler for xpdf
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-01-02 05:44:51 UTC
(In reply to comment #1)
> not for us afaik as we use poppler for xpdf
> 

Please excuse my ignorance; do you mean that app-text/xpdf does not use xpdf originated from foolabs.com at all? Thanks.
Comment 3 Alexis Ballier gentoo-dev 2011-01-02 12:05:50 UTC
(In reply to comment #2)
> (In reply to comment #1)
> > not for us afaik as we use poppler for xpdf
> > 
> 
> Please excuse my ignorance; do you mean that app-text/xpdf does not use xpdf
> originated from foolabs.com at all? Thanks.

It does, but only part of it. The code affected by these sec. issues is, afaik, removed from our xpdf and taken from poppler.
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2011-01-03 03:39:55 UTC
(In reply to comment #3)
> 
> It does, but only part of it. The code affected by these sec. issues is, afaik,
> removed from our xpdf and taken from poppler.
> 

Ok, thank you. Looks like poppler was fixed via bug 338878. I am going to go ahead and close this as invalid. Please do reopen if we need to do something here to correct this issue in our xpdf.