Vulnerability Description
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freedesktop | Poppler | <= 0.13.2 |
Related Weaknesses (CWE)
References
- http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071ExploitPatch
- http://comments.gmane.org/gmane.comp.security.oss.general/11132
- http://secunia.com/advisories/59857
- https://bugs.freedesktop.org/show_bug.cgi?id=26280
- https://www.suse.com/support/update/announcement/2014/suse-su-20140817-1.html
- http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071ExploitPatch
- http://comments.gmane.org/gmane.comp.security.oss.general/11132
- http://secunia.com/advisories/59857
- https://bugs.freedesktop.org/show_bug.cgi?id=26280
- https://www.suse.com/support/update/announcement/2014/suse-su-20140817-1.html
FAQ
What is CVE-2010-5110?
CVE-2010-5110 is a vulnerability with a CVSS score of 4.3 (MEDIUM). DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
How severe is CVE-2010-5110?
CVE-2010-5110 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-5110?
Check the references section above for vendor advisories and patch information. Affected products include: Freedesktop Poppler.