Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-2642

Опубликовано: 05 янв. 2011
Источник: redhat
CVSS2: 5.1
EPSS Средний

Описание

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

Отчет

This issue did not affect the versions of evince as shipped with Red Hat Enterprise Linux 5.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4tetexAffected
Red Hat Enterprise Linux 5evinceNot affected
Red Hat Enterprise Linux 5tetexFixedRHSA-2012:120123.08.2012
Red Hat Enterprise Linux 6evinceFixedRHSA-2011:000906.01.2011
Red Hat Enterprise Linux 6t1libFixedRHSA-2012:006224.01.2012
Red Hat Enterprise Linux 6texliveFixedRHSA-2012:013715.02.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=666318t1lib: Heap based buffer overflow in DVI file AFM font parser

EPSS

Процентиль: 94%
0.12564
Средний

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-2642

ubuntu
почти 15 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

nvd логотип

CVE-2010-2642

nvd
почти 15 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

msrc логотип

CVE-2010-2642

msrc
около 1 месяца назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

debian логотип

CVE-2010-2642

debian
почти 15 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend c ...

github логотип

GHSA-3p5c-p75q-mfgv

github
больше 3 лет назад

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

EPSS

Процентиль: 94%
0.12564
Средний

5.1 Medium

CVSS2