Описание
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | released | 2.30.3-0ubuntu1.3 |
| maverick | released | 2.32.0-0ubuntu1.2 |
| natty | released | 2.32.0-0ubuntu12.4 |
| oneiric | not-affected | 3.2.1-0ubuntu2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 5.1.2-3.4ubuntu1 |
| hardy | ignored | end of life |
| karmic | ignored | end of life |
| lucid | released | 5.1.2-3ubuntu0.10.04.2 |
| maverick | released | 5.1.2-3ubuntu0.10.10.2 |
| natty | released | 5.1.2-3ubuntu0.11.04.2 |
| oneiric | released | 5.1.2-3ubuntu0.11.10.2 |
| upstream | pending | 5.1.2-3.5 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.
Heap-based buffer overflow in the linetoken function in afmparse.c in ...
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.
EPSS
6.8 Medium
CVSS2