Heap-based Buffer Overflow in Okular by KDE
CVE-2010-2575

Currently unrated

Key Information:

Vendor: Kde
Status: Kde Sc
Vendor: CVE Published:; 30 August 2010

What is CVE-2010-2575?

A heap-based buffer overflow exists in the RLE decompression feature of the TranscribePalmImageToJPEG function in Okular, affecting versions 4.3.0 to 4.5.0. This vulnerability can be triggered by specially crafted images contained within PDB files, potentially allowing remote attackers to cause the application to crash or execute arbitrary code, posing significant security risks.

References

http://www.ubuntu.com/usn/USN-979-1

vendor-advisoryx_refsource_UBUNTU

http://www.vupen.com/english/advisories/2010/2178

vdb-entryx_refsource_VUPEN

http://www.vupen.com/english/advisories/2010/2202

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 30, 2010
Vulnerability Reserved
Jul 1, 2010

CVE-2010-2575 Data

JSON

Kde

What is CVE-2010-2575?

References

Timeline