Описание
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Релиз | Статус | Примечание |
---|---|---|
dapper | ignored | end of life |
devel | not-affected | |
hardy | released | 2.22.2-0ubuntu2.1 |
karmic | released | 2.28.1-0ubuntu1.3 |
lucid | released | 2.30.3-0ubuntu1.2 |
maverick | released | 2.32.0-0ubuntu1.1 |
natty | released | 2.32.0-0ubuntu4 |
oneiric | not-affected | |
upstream | needed |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
dapper | ignored | end of life |
devel | released | 5.1.2-3.4ubuntu1 |
hardy | ignored | end of life |
karmic | ignored | end of life |
lucid | released | 5.1.2-3ubuntu0.10.04.2 |
maverick | released | 5.1.2-3ubuntu0.10.10.2 |
natty | released | 5.1.2-3ubuntu0.11.04.2 |
oneiric | released | 5.1.2-3ubuntu0.11.10.2 |
upstream | pending | 5.1.2-3.5 |
Показывать по
7.6 High
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Heap-based buffer overflow in the AFM font parser in the dvi-backend c ...
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
7.6 High
CVSS2