CVE-2010-4654
Priority
Medium
Description
Malformed commands may cause corruption of the internal stack used
to maintain graphics contexts, leading to potentially exploitable
memory corruption.
to maintain graphics contexts, leading to potentially exploitable
memory corruption.
References
Notes
jdstrand> xpdf in koffice is 2.0
mdeslaur> first patch may change API/ABI
mdeslaur> first patch is for protection, second patch actually fixes
mdeslaur> particular issue. Second patch is included in Lucid's poppler,
mdeslaur> so we're not affected.
mdeslaur> first patch may change API/ABI
mdeslaur> first patch is for protection, second patch actually fixes
mdeslaur> particular issue. Second patch is included in Lucid's poppler,
mdeslaur> so we're not affected.
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected (code not present) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (code not present) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needs-triage |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | needs-triage |
| Ubuntu 12.10 (Quantal Quetzal): | needs-triage |
| Ubuntu 13.04 (Raring Ringtail): | needs-triage |
| Ubuntu 13.10 (Saucy Salamander): | needs-triage |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needs-triage |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | needs-triage |
| Ubuntu 12.10 (Quantal Quetzal): | needs-triage |
| Ubuntu 13.04 (Raring Ringtail): | needs-triage |
| Ubuntu 13.10 (Saucy Salamander): | needs-triage |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needs-triage |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | needs-triage |
| Ubuntu 12.10 (Quantal Quetzal): | needs-triage |
| Ubuntu 13.04 (Raring Ringtail): | needs-triage |
| Ubuntu 13.10 (Saucy Salamander): | needs-triage |
Package
| Upstream: | released (0.14.3) |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected (0.12.4-0ubuntu5.2) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected |
| Ubuntu 13.04 (Raring Ringtail): | not-affected |
| Ubuntu 13.10 (Saucy Salamander): | not-affected |
Patches:
| Upstream: | http://cgit.freedesktop.org/poppler/poppler/commit/?id=8284008aa8230a92ba08d547864353d3290e9bf9 |
| Upstream: | http://cgit.freedesktop.org/poppler/poppler/commit/?id=17345173 |