CVE-2010-0206

xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
xpdfreaderxpdf
3.03-17
xpdfreaderxpdf
3.04-4
xpdfreaderxpdf
3.04-13
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
poppler
bullseye (security)
20.09.0-3.1+deb11u1
fixed
bullseye
20.09.0-3.1+deb11u1
fixed
bookworm
22.12.0-2
fixed
sid
24.08.0-3
fixed
trixie
24.08.0-3
fixed
xpdf
bullseye
unimportant
bookworm
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ipe
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
kdegraphics
oneiric
dne
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
koffice
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
hardy
ignored
libextractor
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
poppler
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
xpdf
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206
https://security-tracker.debian.org/tracker/CVE-2010-0206
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206
https://security-tracker.debian.org/tracker/CVE-2010-0206