CVE-2010-2575

Name of the Vulnerable Software and Affected Versions Okular versions 4.3.0 through 4.5.0

Description The issue is related to a heap-based buffer overflow in the RLE decompression functionality within the TranscribePalmImageToJPEG function, located in generators/plucker/inplug/image.cpp. This can be triggered by remote attackers sending a crafted image in a PDB file, potentially leading to a denial of service (application crash) or possibly the execution of arbitrary code.

Recommendations For Okular versions 4.3.0 through 4.5.0, consider disabling the TranscribePalmImageToJPEG function until a patch is available to prevent potential exploitation. Restrict access to PDB files from untrusted sources to minimize the risk of denial of service or code execution.