Fluid Attacks Database

Description

Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	okular	>=0 <4:4.4.5-2	4:4.4.5-2
debian 11	okular	>=0 <4:4.4.5-2	4:4.4.5-2
debian 13	okular	>=0 <4:4.4.5-2	4:4.4.5-2
debian 14	okular	>=0 <4:4.4.5-2	4:4.4.5-2
rpm rhel6	kdegraphics	-	-

Aliases

1. CVE-2010-25752. NVD-2010-25753. OSV-DEBIAN-2010-25754. OSV-2010-25755. SECURITY-TRACKER-CVE-2010-2575

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.