Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-2642

Опубликовано: 05 янв. 2011
Источник: redhat
CVSS2: 5.1

Описание

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

Отчет

This issue did not affect the versions of evince as shipped with Red Hat Enterprise Linux 5.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4tetexAffected
Red Hat Enterprise Linux 5evinceNot affected
Red Hat Enterprise Linux 5tetexFixedRHSA-2012:120123.08.2012
Red Hat Enterprise Linux 6evinceFixedRHSA-2011:000906.01.2011
Red Hat Enterprise Linux 6t1libFixedRHSA-2012:006224.01.2012
Red Hat Enterprise Linux 6texliveFixedRHSA-2012:013715.02.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=666318t1lib: Heap based buffer overflow in DVI file AFM font parser

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-2642

ubuntu
больше 14 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

nvd логотип

CVE-2010-2642

nvd
больше 14 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

debian логотип

CVE-2010-2642

debian
больше 14 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend c ...

github логотип

GHSA-3p5c-p75q-mfgv

github
около 3 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

oracle-oval логотип

ELSA-2011-0009

oracle-oval
больше 14 лет назад

ELSA-2011-0009: evince security update (MODERATE)

5.1 Medium

CVSS2