CVE-2010-2642
07.01.2011, 19:00
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | evince | 𝑥 ≤ 2.32 |
| redhat | evince | 0.1 |
| redhat | evince | 0.2 |
| redhat | evince | 0.3 |
| redhat | evince | 0.4 |
| redhat | evince | 0.5 |
| redhat | evince | 0.6 |
| redhat | evince | 0.7 |
| redhat | evince | 0.8 |
| redhat | evince | 0.9 |
| redhat | evince | 2.19 |
| redhat | evince | 2.20 |
| redhat | evince | 2.21 |
| redhat | evince | 2.22 |
| redhat | evince | 2.23 |
| redhat | evince | 2.24 |
| redhat | evince | 2.25 |
| redhat | evince | 2.26 |
| redhat | evince | 2.27 |
| redhat | evince | 2.28 |
| redhat | evince | 2.29 |
| redhat | evince | 2.29.92 |
| redhat | evince | 2.30 |
| redhat | evince | 2.30.2 |
| redhat | evince | 2.30.3 |
| redhat | evince | 2.31 |
| redhat | evince | 2.31.1 |
| redhat | evince | 2.31.2 |
| redhat | evince | 2.31.4 |
| redhat | evince | 2.31.4.1 |
| redhat | evince | 2.31.6 |
| redhat | evince | 2.31.6.1 |
| redhat | evince | 2.31.90 |
| redhat | evince | 2.31.92 |
| t1lib | t1lib | 5.1.2 |
| tug | tetex | 3.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| evince |
| ||||||||||||||
| t1lib |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| evince |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-browser-plugin |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-lang |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-plugin-djvudocument |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-plugin-dvidocument |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-plugin-pdfdocument |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-plugin-psdocument |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-plugin-tiffdocument |
| ||||||||||||||||||||||||||||||||||||||||||||||
| evince-plugin-xpsdocument |
| ||||||||||||||||||||||||||||||||||||||||||||||
| libevdocument3-4 |
| ||||||||||||||||||||||||||||||||||||||||||||||
| libevview3-3 |
| ||||||||||||||||||||||||||||||||||||||||||||||
| nautilus-evince |
| ||||||||||||||||||||||||||||||||||||||||||||||
| typelib-1_0-EvinceDocument-3_0 |
| ||||||||||||||||||||||||||||||||||||||||||||||
| typelib-1_0-EvinceView-3_0 |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| evince |
| ||
| evince-devel |
| ||
| evince-dvi |
| ||
| evince-libs |
| ||
| kpathsea |
| ||
| kpathsea-devel |
| ||
| mendexk |
| ||
| t1lib |
| ||
| t1lib-apps |
| ||
| t1lib-devel |
| ||
| t1lib-static |
| ||
| texlive |
| ||
| texlive-afm |
| ||
| texlive-context |
| ||
| texlive-dvips |
| ||
| texlive-dviutils |
| ||
| texlive-east-asian |
| ||
| texlive-latex |
| ||
| texlive-utils |
| ||
| texlive-xetex |
|
Common Weakness Enumeration
References