CVE-2010-2643

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
redhatevince
0.1
redhatevince
0.2
redhatevince
0.3
redhatevince
0.4
redhatevince
0.5
redhatevince
0.6
redhatevince
0.7
redhatevince
0.8
redhatevince
0.9
redhatevince
2.19
redhatevince
2.20
redhatevince
2.21
redhatevince
2.22
redhatevince
2.23
redhatevince
2.24
redhatevince
2.25
redhatevince
2.26
redhatevince
2.27
redhatevince
2.28
redhatevince
2.29
redhatevince
2.29.92
redhatevince
2.30
redhatevince
2.30.2
redhatevince
2.30.3
redhatevince
2.31
redhatevince
2.31.1
redhatevince
2.31.2
redhatevince
2.31.4
redhatevince
2.31.4.1
redhatevince
2.31.6
redhatevince
2.31.6.1
redhatevince
2.31.90
redhatevince
2.31.92
redhatevince
2.32
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
evince
bullseye
3.38.2-1
fixed
bookworm
43.1-2
fixed
sid
46.3.1-1
fixed
trixie
46.3.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
evince
maverick
Fixed 2.32.0-0ubuntu1.1
released
lucid
Fixed 2.30.3-0ubuntu1.2
released
karmic
Fixed 2.28.1-0ubuntu1.3
released
hardy
Fixed 2.22.2-0ubuntu2.1
released
dapper
ignored
Common Weakness Enumeration
References
http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html
http://lists.mandriva.com/security-announce/2011-01/msg00006.php
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/42769
http://secunia.com/advisories/42821
http://secunia.com/advisories/42847
http://secunia.com/advisories/42872
http://secunia.com/advisories/43068
http://www.debian.org/security/2011/dsa-2357
http://www.redhat.com/support/errata/RHSA-2011-0009.html
http://www.securityfocus.com/bid/45678
http://www.securitytracker.com/id?1024937
http://www.ubuntu.com/usn/USN-1035-1
http://www.vupen.com/english/advisories/2011/0029
http://www.vupen.com/english/advisories/2011/0043
http://www.vupen.com/english/advisories/2011/0056
http://www.vupen.com/english/advisories/2011/0097
http://www.vupen.com/english/advisories/2011/0102
http://www.vupen.com/english/advisories/2011/0212
https://bugzilla.redhat.com/show_bug.cgi?id=666321
http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html
http://lists.mandriva.com/security-announce/2011-01/msg00006.php
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/42769
http://secunia.com/advisories/42821
http://secunia.com/advisories/42847
http://secunia.com/advisories/42872
http://secunia.com/advisories/43068
http://www.debian.org/security/2011/dsa-2357
http://www.redhat.com/support/errata/RHSA-2011-0009.html
http://www.securityfocus.com/bid/45678
http://www.securitytracker.com/id?1024937
http://www.ubuntu.com/usn/USN-1035-1
http://www.vupen.com/english/advisories/2011/0029
http://www.vupen.com/english/advisories/2011/0043
http://www.vupen.com/english/advisories/2011/0056
http://www.vupen.com/english/advisories/2011/0097
http://www.vupen.com/english/advisories/2011/0102
http://www.vupen.com/english/advisories/2011/0212
https://bugzilla.redhat.com/show_bug.cgi?id=666321