Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-0433

Опубликовано: 30 янв. 2011
Источник: redhat
CVSS2: 5.1

Описание

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

Отчет

Not vulnerable. This issue did not affect the versions of evince as shipped with Red Hat Enterprise Linux 5 and 6.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4tetexAffected
Red Hat Enterprise Linux 5evinceNot affected
Red Hat Enterprise Linux 6evinceNot affected
Red Hat Enterprise Linux 5tetexFixedRHSA-2012:120123.08.2012
Red Hat Enterprise Linux 6t1libFixedRHSA-2012:006224.01.2012
Red Hat Enterprise Linux 6texliveFixedRHSA-2012:013715.02.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=679732t1lib: Heap-based buffer overflow DVI file AFM font parser

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-0433

ubuntu
больше 12 лет назад

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

nvd логотип

CVE-2011-0433

nvd
больше 12 лет назад

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

debian логотип

CVE-2011-0433

debian
больше 12 лет назад

Heap-based buffer overflow in the linetoken function in afmparse.c in ...

github логотип

GHSA-m37c-h529-2gqw

github
около 3 лет назад

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

oracle-oval логотип

ELSA-2012-0137

oracle-oval
больше 13 лет назад

ELSA-2012-0137: texlive security update (MODERATE)

5.1 Medium

CVSS2