Описание
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| hardy | released | 2.22.2-0ubuntu2.1 |
| karmic | released | 2.28.1-0ubuntu1.3 |
| lucid | released | 2.30.3-0ubuntu1.2 |
| maverick | released | 2.32.0-0ubuntu1.1 |
| natty | released | 2.32.0-0ubuntu4 |
| oneiric | not-affected | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 5.1.2-3.4ubuntu1 |
| hardy | ignored | end of life |
| karmic | ignored | end of life |
| lucid | released | 5.1.2-3ubuntu0.10.04.2 |
| maverick | released | 5.1.2-3ubuntu0.10.10.2 |
| natty | released | 5.1.2-3ubuntu0.11.04.2 |
| oneiric | released | 5.1.2-3ubuntu0.11.10.2 |
| upstream | pending | 5.1.2-3.5 |
Показывать по
7.6 High
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Heap-based buffer overflow in the AFM font parser in the dvi-backend c ...
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
7.6 High
CVSS2