7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.102 Low
EPSS
Percentile
94.1%
Jon Larimer from IBM X-Force Advanced Research discovered multiple
vulnerabilities in the DVI backend of the Evince document viewer:
For the oldstable distribution (lenny), this problem has been fixed in
version 2.22.2-4~lenny2.
For the stable distribution (squeeze), CVE-2010-2640, CVE-2010-2641
and CVE-2010-2643 have been fixed in version 2.30.3-2 but the fix for
CVE-2010-2642 was incomplete. The final fix is present in version
2.30.3-2+squeeze1.
For the testing distribution (wheezy), this problem has been fixed in
version 3.0.2-1.
For the unstable distribution (sid), this problem has been fixed in
version 3.0.2-1.
We recommend that you upgrade your evince packages.
CPE | Name | Operator | Version |
---|---|---|---|
evince | eq | 2.22.2-4~lenny1 |