Multiple vulnerabilities were discovered and corrected in kdegraphics:

The Gfx::getPos function in the PDF parser in kdegraphics, allows
context-dependent attackers to cause a denial of service (crash)
via unknown vectors that trigger an uninitialized pointer dereference
(CVE-2010-3702).

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser
in kdegraphics, allows context-dependent attackers to cause a denial
of service (crash) and possibly execute arbitrary code via a PDF
file with a crafted Type1 font that contains a negative array index,
which bypasses input validation and which triggers memory corruption
(CVE-2010-3704).

The updated packages have been patched to correct these issues.