CVE-2010-2643

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
redhatevince
0.1
redhatevince
0.2
redhatevince
0.3
redhatevince
0.4
redhatevince
0.5
redhatevince
0.6
redhatevince
0.7
redhatevince
0.8
redhatevince
0.9
redhatevince
2.19
redhatevince
2.20
redhatevince
2.21
redhatevince
2.22
redhatevince
2.23
redhatevince
2.24
redhatevince
2.25
redhatevince
2.26
redhatevince
2.27
redhatevince
2.28
redhatevince
2.29
redhatevince
2.29.92
redhatevince
2.30
redhatevince
2.30.2
redhatevince
2.30.3
redhatevince
2.31
redhatevince
2.31.1
redhatevince
2.31.2
redhatevince
2.31.4
redhatevince
2.31.4.1
redhatevince
2.31.6
redhatevince
2.31.6.1
redhatevince
2.31.90
redhatevince
2.31.92
redhatevince
2.32
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
evince
bookworm
43.1-2
fixed
bullseye
3.38.2-1
fixed
sid
46.3.1-1
fixed
trixie
46.3.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
evince
dapper
ignored
hardy
Fixed 2.22.2-0ubuntu2.1
released
karmic
Fixed 2.28.1-0ubuntu1.3
released
lucid
Fixed 2.30.3-0ubuntu1.2
released
maverick
Fixed 2.32.0-0ubuntu1.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
evince
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12
3.10.3-1.213
fixed
suse enterprise server 12 SP1
3.10.3-1.213
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-browser-plugin
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-lang
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12
3.10.3-1.213
fixed
suse enterprise server 12 SP1
3.10.3-1.213
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-plugin-djvudocument
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-plugin-dvidocument
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-plugin-pdfdocument
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-plugin-psdocument
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-plugin-tiffdocument
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
evince-plugin-xpsdocument
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
libevdocument3-4
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12
3.10.3-1.213
fixed
suse enterprise server 12 SP1
3.10.3-1.213
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
libevview3-3
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12
3.10.3-1.213
fixed
suse enterprise server 12 SP1
3.10.3-1.213
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
nautilus-evince
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
typelib-1_0-EvinceDocument-3_0
suse enterprise desktop 12
3.10.3-1.213
fixed
suse enterprise desktop 12 SP1
3.10.3-1.213
fixed
suse enterprise desktop 12 SP2
3.20.1-5.66
fixed
suse enterprise desktop 12 SP3
3.20.1-5.66
fixed
suse enterprise desktop 12 SP4
3.20.2-6.22.9
fixed
suse enterprise sap 12
3.10.3-1.213
fixed
suse enterprise sap 12 SP1
3.10.3-1.213
fixed
suse enterprise sap 12 SP2
3.20.1-5.66
fixed
suse enterprise sap 12 SP3
3.20.1-5.66
fixed
suse enterprise sap 12 SP4
3.20.2-6.22.9
fixed
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12
3.10.3-1.213
fixed
suse enterprise server 12 SP1
3.10.3-1.213
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP4
3.20.2-6.22.9
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
suse enterprise workstation 12
3.10.3-1.213
fixed
suse enterprise workstation 12 SP1
3.10.3-1.213
fixed
suse enterprise workstation 12 SP2
3.20.1-5.66
fixed
suse enterprise workstation 12 SP3
3.20.1-5.66
fixed
suse enterprise workstation 12 SP4
3.20.2-6.22.9
fixed
suse enterprise workstation 12 SP5
3.20.2-6.27.1
fixed
typelib-1_0-EvinceView-3_0
suse enterprise desktop 12
3.10.3-1.213
fixed
suse enterprise desktop 12 SP1
3.10.3-1.213
fixed
suse enterprise desktop 12 SP2
3.20.1-5.66
fixed
suse enterprise desktop 12 SP3
3.20.1-5.66
fixed
suse enterprise desktop 12 SP4
3.20.2-6.22.9
fixed
suse enterprise sap 12
3.10.3-1.213
fixed
suse enterprise sap 12 SP1
3.10.3-1.213
fixed
suse enterprise sap 12 SP2
3.20.1-5.66
fixed
suse enterprise sap 12 SP3
3.20.1-5.66
fixed
suse enterprise sap 12 SP4
3.20.2-6.22.9
fixed
suse enterprise sap 12 SP5
3.20.2-6.27.1
fixed
suse enterprise server 12
3.10.3-1.213
fixed
suse enterprise server 12 SP1
3.10.3-1.213
fixed
suse enterprise server 12 SP2
3.20.1-5.66
fixed
suse enterprise server 12 SP3
3.20.1-5.66
fixed
suse enterprise server 12 SP4
3.20.2-6.22.9
fixed
suse enterprise server 12 SP5
3.20.2-6.27.1
fixed
suse enterprise workstation 12
3.10.3-1.213
fixed
suse enterprise workstation 12 SP1
3.10.3-1.213
fixed
suse enterprise workstation 12 SP2
3.20.1-5.66
fixed
suse enterprise workstation 12 SP3
3.20.1-5.66
fixed
suse enterprise workstation 12 SP4
3.20.2-6.22.9
fixed
suse enterprise workstation 12 SP5
3.20.2-6.27.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
evince
RHEL 6
0:2.28.2-14.el6_0.1
fixed
evince-devel
RHEL 6
0:2.28.2-14.el6_0.1
fixed
evince-dvi
RHEL 6
0:2.28.2-14.el6_0.1
fixed
evince-libs
RHEL 6
0:2.28.2-14.el6_0.1
fixed
Common Weakness Enumeration
References
http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html
http://lists.mandriva.com/security-announce/2011-01/msg00006.php
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/42769
http://secunia.com/advisories/42821
http://secunia.com/advisories/42847
http://secunia.com/advisories/42872
http://secunia.com/advisories/43068
http://www.debian.org/security/2011/dsa-2357
http://www.redhat.com/support/errata/RHSA-2011-0009.html
http://www.securityfocus.com/bid/45678
http://www.securitytracker.com/id?1024937
http://www.ubuntu.com/usn/USN-1035-1
http://www.vupen.com/english/advisories/2011/0029
http://www.vupen.com/english/advisories/2011/0043
http://www.vupen.com/english/advisories/2011/0056
http://www.vupen.com/english/advisories/2011/0097
http://www.vupen.com/english/advisories/2011/0102
http://www.vupen.com/english/advisories/2011/0212
https://bugzilla.redhat.com/show_bug.cgi?id=666321
http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html
http://lists.mandriva.com/security-announce/2011-01/msg00006.php
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/42769
http://secunia.com/advisories/42821
http://secunia.com/advisories/42847
http://secunia.com/advisories/42872
http://secunia.com/advisories/43068
http://www.debian.org/security/2011/dsa-2357
http://www.redhat.com/support/errata/RHSA-2011-0009.html
http://www.securityfocus.com/bid/45678
http://www.securitytracker.com/id?1024937
http://www.ubuntu.com/usn/USN-1035-1
http://www.vupen.com/english/advisories/2011/0029
http://www.vupen.com/english/advisories/2011/0043
http://www.vupen.com/english/advisories/2011/0056
http://www.vupen.com/english/advisories/2011/0097
http://www.vupen.com/english/advisories/2011/0102
http://www.vupen.com/english/advisories/2011/0212
https://bugzilla.redhat.com/show_bug.cgi?id=666321