CVE-2010-3702 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 90%

Vendor	Product	Version
apple	cups	𝑥 ≤ 1.3.11
freedesktop	poppler	0.8.7 ≤ 𝑥 ≤ 0.15.1
xpdfreader	xpdf	𝑥 ≤ 3.01
xpdfreader	xpdf	3.02
xpdfreader	xpdf	3.02:pl1
xpdfreader	xpdf	3.02:pl2
xpdfreader	xpdf	3.02:pl3
xpdfreader	xpdf	3.02:pl4
opensuse	opensuse	11.1
opensuse	opensuse	11.2
opensuse	opensuse	11.3
debian	debian_linux	5.0
debian	debian_linux	6.0
redhat	enterprise_linux_desktop	5.0
redhat	enterprise_linux_server	5.0
redhat	enterprise_linux_workstation	5.0
canonical	ubuntu_linux	6.06
canonical	ubuntu_linux	8.04
canonical	ubuntu_linux	9.04
canonical	ubuntu_linux	9.10
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	10.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

poppler

bullseye	20.09.0-3.1+deb11u1 fixed
bullseye (security)	20.09.0-3.1+deb11u1 fixed
bookworm	22.12.0-2 fixed
sid	24.08.0-3 fixed
trixie	24.08.0-3 fixed

xpdf

bullseye	3.04+git20210103-3 fixed
bookworm	3.04+git20220601-1 fixed
sid	3.04+git20240613-1 fixed
trixie	3.04+git20240613-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

gpdf

noble	dne
mantic	dne
lunar	dne
kinetic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
utopic	dne
trusty	dne
saucy	dne
raring	dne
quantal	dne
precise	dne
oneiric	dne
natty	dne
maverick	dne
lucid	dne
karmic	dne
jaunty	dne
hardy	dne
dapper	ignored

ipe

noble	needs-triage
mantic	ignored
lunar	ignored
kinetic	ignored
jammy	needs-triage
impish	ignored
hirsute	ignored
groovy	ignored
focal	needs-triage
eoan	ignored
disco	ignored
cosmic	ignored
bionic	needs-triage
artful	ignored
zesty	ignored
yakkety	ignored
xenial	needs-triage
wily	ignored
vivid	ignored
utopic	ignored
trusty	dne
saucy	ignored
raring	ignored
quantal	ignored
precise	ignored
oneiric	ignored
natty	ignored
maverick	ignored
lucid	ignored
karmic	ignored
jaunty	ignored
hardy	ignored
dapper	ignored

kdegraphics

noble	dne
mantic	dne
lunar	dne
kinetic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
utopic	dne
trusty	dne
saucy	dne
raring	dne
quantal	dne
precise	dne
oneiric	dne
natty	not-affected
maverick	not-affected
lucid	not-affected
karmic	not-affected
jaunty	not-affected
hardy	not-affected
dapper	not-affected

koffice

noble	dne
mantic	dne
lunar	dne
kinetic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
utopic	dne
trusty	dne
saucy	dne
raring	dne
quantal	dne
precise	dne
oneiric	not-affected
natty	not-affected
maverick	not-affected
lucid	not-affected
karmic	not-affected
jaunty	ignored
hardy	ignored
dapper	ignored

libextractor

noble	not-affected
mantic	not-affected
lunar	not-affected
kinetic	not-affected
jammy	not-affected
impish	ignored
hirsute	ignored
groovy	ignored
focal	not-affected
eoan	ignored
disco	ignored
cosmic	ignored
bionic	not-affected
artful	ignored
zesty	ignored
yakkety	ignored
xenial	not-affected
wily	ignored
vivid	ignored
utopic	ignored
trusty	not-affected
saucy	ignored
raring	ignored
quantal	ignored
precise	ignored
oneiric	ignored
natty	ignored
maverick	ignored
lucid	ignored
karmic	ignored
jaunty	ignored
hardy	ignored
dapper	ignored

pdfkit.framework

noble	dne
mantic	dne
lunar	dne
kinetic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
utopic	dne
trusty	dne
saucy	dne
raring	dne
quantal	dne
precise	dne
oneiric	dne
natty	dne
maverick	dne
lucid	dne
karmic	dne
jaunty	dne
hardy	dne
dapper	ignored

pdftohtml

noble	dne
mantic	dne
lunar	dne
kinetic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
utopic	dne
trusty	dne
saucy	dne
raring	dne
quantal	dne
precise	dne
oneiric	dne
natty	dne
maverick	dne
lucid	dne
karmic	dne
jaunty	dne
hardy	dne
dapper	ignored

poppler

noble	not-affected
mantic	not-affected
lunar	not-affected
kinetic	not-affected
jammy	not-affected
impish	not-affected
hirsute	not-affected
groovy	not-affected
focal	not-affected
eoan	not-affected
disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	not-affected
zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	not-affected
vivid	not-affected
utopic	not-affected
trusty	dne
saucy	not-affected
raring	not-affected
quantal	not-affected
precise	not-affected
oneiric	not-affected
natty	not-affected
maverick	Fixed 0.14.3-0ubuntu1.1 released
lucid	Fixed 0.12.4-0ubuntu5.1 released
karmic	Fixed 0.12.0-0ubuntu2.3 released
jaunty	Fixed 0.10.5-1ubuntu2.6 released
hardy	Fixed 0.6.4-1ubuntu3.5 released
dapper	Fixed 0.5.1-0ubuntu7.8 released

tetex-bin

noble	dne
mantic	dne
lunar	dne
kinetic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
utopic	dne
trusty	dne
saucy	dne
raring	dne
quantal	dne
precise	dne
oneiric	dne
natty	dne
maverick	dne
lucid	dne
karmic	dne
jaunty	dne
hardy	dne
dapper	not-affected

texlive-bin

noble	not-affected
mantic	not-affected
lunar	not-affected
kinetic	not-affected
jammy	not-affected
impish	not-affected
hirsute	not-affected
groovy	not-affected
focal	not-affected
eoan	not-affected
disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	not-affected
zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	not-affected
vivid	not-affected
utopic	not-affected
trusty	dne
saucy	not-affected
raring	not-affected
quantal	not-affected
precise	not-affected
oneiric	not-affected
natty	not-affected
maverick	not-affected
lucid	not-affected
karmic	not-affected
jaunty	not-affected
hardy	not-affected
dapper	dne

xpdf

noble	not-affected
mantic	not-affected
lunar	not-affected
kinetic	not-affected
jammy	not-affected
impish	not-affected
hirsute	not-affected
groovy	dne
focal	dne
eoan	not-affected
disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	not-affected
zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	not-affected
vivid	not-affected
utopic	not-affected
trusty	dne
saucy	not-affected
raring	not-affected
quantal	not-affected
precise	not-affected
oneiric	not-affected
natty	not-affected
maverick	Fixed 3.02-9ubuntu1.1 released
lucid	Fixed 3.02-2ubuntu1.1 released
karmic	Fixed 3.02-1.4ubuntu2.9.10.2 released
jaunty	ignored
hardy	ignored
dapper	ignored

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch

http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

http://rhn.redhat.com/errata/RHSA-2012-1201.html

http://secunia.com/advisories/42141

http://secunia.com/advisories/42357

http://secunia.com/advisories/42397

http://secunia.com/advisories/42691

http://secunia.com/advisories/43079

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720

http://www.debian.org/security/2010/dsa-2119

http://www.debian.org/security/2010/dsa-2135

http://www.mandriva.com/security/advisories?name=MDVSA-2010:228

http://www.mandriva.com/security/advisories?name=MDVSA-2010:229

http://www.mandriva.com/security/advisories?name=MDVSA-2010:230

http://www.mandriva.com/security/advisories?name=MDVSA-2010:231

http://www.mandriva.com/security/advisories?name=MDVSA-2012:144

http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html

http://www.openwall.com/lists/oss-security/2010/10/04/6

http://www.redhat.com/support/errata/RHSA-2010-0749.html

http://www.redhat.com/support/errata/RHSA-2010-0750.html

http://www.redhat.com/support/errata/RHSA-2010-0751.html

http://www.redhat.com/support/errata/RHSA-2010-0752.html

http://www.redhat.com/support/errata/RHSA-2010-0753.html

http://www.redhat.com/support/errata/RHSA-2010-0754.html

http://www.redhat.com/support/errata/RHSA-2010-0755.html

http://www.redhat.com/support/errata/RHSA-2010-0859.html

http://www.securityfocus.com/bid/43845

http://www.ubuntu.com/usn/USN-1005-1

http://www.vupen.com/english/advisories/2010/2897

http://www.vupen.com/english/advisories/2010/3097

http://www.vupen.com/english/advisories/2011/0230

https://bugzilla.redhat.com/show_bug.cgi?id=595245

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch

http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

http://rhn.redhat.com/errata/RHSA-2012-1201.html

http://secunia.com/advisories/42141

http://secunia.com/advisories/42357

http://secunia.com/advisories/42397

http://secunia.com/advisories/42691

http://secunia.com/advisories/43079

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720

http://www.debian.org/security/2010/dsa-2119

http://www.debian.org/security/2010/dsa-2135

http://www.mandriva.com/security/advisories?name=MDVSA-2010:228

http://www.mandriva.com/security/advisories?name=MDVSA-2010:229

http://www.mandriva.com/security/advisories?name=MDVSA-2010:230

http://www.mandriva.com/security/advisories?name=MDVSA-2010:231

http://www.mandriva.com/security/advisories?name=MDVSA-2012:144

http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html

http://www.openwall.com/lists/oss-security/2010/10/04/6

http://www.redhat.com/support/errata/RHSA-2010-0749.html

http://www.redhat.com/support/errata/RHSA-2010-0750.html

http://www.redhat.com/support/errata/RHSA-2010-0751.html

http://www.redhat.com/support/errata/RHSA-2010-0752.html

http://www.redhat.com/support/errata/RHSA-2010-0753.html

http://www.redhat.com/support/errata/RHSA-2010-0754.html

http://www.redhat.com/support/errata/RHSA-2010-0755.html

http://www.redhat.com/support/errata/RHSA-2010-0859.html

http://www.securityfocus.com/bid/43845

http://www.ubuntu.com/usn/USN-1005-1

http://www.vupen.com/english/advisories/2010/2897

http://www.vupen.com/english/advisories/2010/3097

http://www.vupen.com/english/advisories/2011/0230

https://bugzilla.redhat.com/show_bug.cgi?id=595245