CVE-2010-0206

EUVD-2010-0237
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
xpdfreaderxpdf
3.03-17
xpdfreaderxpdf
3.04-4
xpdfreaderxpdf
3.04-13
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
poppler
bookworm
22.12.0-2
fixed
bullseye
20.09.0-3.1+deb11u1
fixed
bullseye (security)
20.09.0-3.1+deb11u1
fixed
sid
24.08.0-3
fixed
trixie
24.08.0-3
fixed
xpdf
bookworm
unimportant
bullseye
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ipe
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
kdegraphics
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
dne
koffice
hardy
ignored
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
libextractor
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
poppler
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
xpdf
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206
https://security-tracker.debian.org/tracker/CVE-2010-0206
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206
https://security-tracker.debian.org/tracker/CVE-2010-0206