CVE-2010-2642
EUVD-2010-264607.01.2011, 19:00
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | evince | 𝑥 ≤ 2.32 |
| redhat | evince | 0.1 |
| redhat | evince | 0.2 |
| redhat | evince | 0.3 |
| redhat | evince | 0.4 |
| redhat | evince | 0.5 |
| redhat | evince | 0.6 |
| redhat | evince | 0.7 |
| redhat | evince | 0.8 |
| redhat | evince | 0.9 |
| redhat | evince | 2.19 |
| redhat | evince | 2.20 |
| redhat | evince | 2.21 |
| redhat | evince | 2.22 |
| redhat | evince | 2.23 |
| redhat | evince | 2.24 |
| redhat | evince | 2.25 |
| redhat | evince | 2.26 |
| redhat | evince | 2.27 |
| redhat | evince | 2.28 |
| redhat | evince | 2.29 |
| redhat | evince | 2.29.92 |
| redhat | evince | 2.30 |
| redhat | evince | 2.30.2 |
| redhat | evince | 2.30.3 |
| redhat | evince | 2.31 |
| redhat | evince | 2.31.1 |
| redhat | evince | 2.31.2 |
| redhat | evince | 2.31.4 |
| redhat | evince | 2.31.4.1 |
| redhat | evince | 2.31.6 |
| redhat | evince | 2.31.6.1 |
| redhat | evince | 2.31.90 |
| redhat | evince | 2.31.92 |
| t1lib | t1lib | 5.1.2 |
| tug | tetex | 3.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| evince |
| ||||||||||||||
| t1lib |
|
Common Weakness Enumeration
References