Lucene search
+L

119 matches found

CVE
CVE
added 2011/01/07 6:0 p.m.255 views

CVE-2010-2642

CVE-2010-2642 describes a heap-based buffer overflow in the AFM font parser of the dvi-backend used by Evince (2.32 and earlier), teTeX 3.0, and t1lib 5.1.2, among others. The vulnerability is triggered by a crafted font in a DVI file processed by the thumbnailer, potentially resulting in a denia...

7.6CVSS8.2AI score0.1427EPSS
Exploits0References27Affected Software3
Cvelist
Cvelist
added 2011/01/07 6:0 p.m.31 views

CVE-2010-2641

Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.5AI score0.04935EPSS
Exploits0References19
Cvelist
Cvelist
added 2011/01/07 6:0 p.m.30 views

CVE-2010-2643

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.3AI score0.05994EPSS
Exploits0References22
RedHat Linux
RedHat Linux
added 2011/01/06 6:23 p.m.5 views

evince: Array index errror in DVI file VF font parser

Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.6CVSS6.1AI score0.04935EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/01/06 6:23 p.m.4 views

evince: Integer overflow in DVI file TFM font parser

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.6CVSS6.1AI score0.05994EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/01/06 6:23 p.m.4 views

evince: Array index errror in DVI file PK font parser

Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.6CVSS6.1AI score0.04935EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/01/06 6:23 p.m.7 views

t1lib: Heap based buffer overflow in DVI file AFM font parser

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunctio...

7.6CVSS6.3AI score0.1427EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/01/06 12:0 a.m.22 views

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : evince vulnerabilities (USN-1035-1)

Jon Larimer discovered that Evince's font parsers incorrectly handled certain buffer lengths when rendering a DVI file. By tricking a user into opening or previewing a DVI file that uses a specially crafted font file, an attacker could crash evince or execute arbitrary code with the user's...

7.6CVSS6AI score0.1427EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2011/01/05 2:38 p.m.62 views

USN-1035-1: Evince vulnerabilities

Jon Larimer discovered that Evince's font parsers incorrectly handled certain buffer lengths when rendering a DVI file. By tricking a user into opening or previewing a DVI file that uses a specially crafted font file, an attacker could crash evince or execute arbitrary code with the user's...

7.6CVSS6AI score0.1427EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2011/01/05 12:0 a.m.29 views

CVE-2010-2640

Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.6CVSS6AI score0.04935EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2011/01/05 12:0 a.m.28 views

CVE-2010-2641

Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.6CVSS6AI score0.04935EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.51 views

SuSE9 Security Update : XFree86-libs (YOU Patch Number 12040)

This update fixes various Xserver security issues. - File existence disclosure vulnerability. CVE-2007-5958 - XInput Extension Memory Corruption Vulnerability IDEF2888 CVE-2007-6427. - TOG-CUP Extension Memory Corruption Vulnerability IDEF2901 CVE-2007-6428. - EVI Extension Integer Overflow...

9.3CVSS8.3AI score0.05332EPSS
Exploits7References10
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.45 views

SuSE9 Security Update : XFree86-Xnest (YOU Patch Number 12043)

This update fixes various Xserver security issues. - File existence disclosure vulnerability. CVE-2007-5958 - XInput Extension Memory Corruption Vulnerability IDEF2888 CVE-2007-6427. - TOG-CUP Extension Memory Corruption Vulnerability IDEF2901 CVE-2007-6428. - EVI Extension Integer Overflow...

9.3CVSS8.3AI score0.05332EPSS
Exploits7References10
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.27 views

Gentoo Security Advisory GLSA 200609-07 (libxfont)

The remote host is missing updates announced in advisory GLSA 200609-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.2CVSS1AI score0.00576EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/01/21 12:0 a.m.41 views

SuSE 10 Security Update : xorg-x11-Xnest (ZYPP Patch Number 4875)

This update fixes various Xserver security issues. File existence disclosure vulnerability. CVE-2007-5958 XInput Extension Memory Corruption Vulnerability IDEF2888 CVE-2007-6427. TOG-CUP Extension Memory Corruption Vulnerability IDEF2901 CVE-2007-6428. EVI Extension Integer Overflow Vulnerability...

9.3CVSS8.3AI score0.05332EPSS
Exploits7References10
Tenable Nessus
Tenable Nessus
added 2008/01/18 12:0 a.m.47 views

openSUSE 10 Security Update : xorg-x11-Xnest (xorg-x11-Xnest-4859)

This update fixes various Xserver security issues. File existence disclosure vulnerability CVE-2007-5958. XInput Extension Memory Corruption Vulnerability IDEF2888 CVE-2007-6427. TOG-CUP Extension Memory Corruption Vulnerability IDEF2901 CVE-2007-6428. EVI Extension Integer Overflow Vulnerability...

9.3CVSS8.2AI score0.05332EPSS
Exploits7References5
Oracle linux
Oracle linux
added 2007/03/22 12:0 a.m.48 views

Important: XFree86 security update

4.3.0-115.EL.0.2 - Change Patch - needs to be -p0 not -p1 4.3.0-115.EL.0.1 - Add oracle detection to Imake. 4.3.0-115.EL - Add xorg-x11-6.8.2-sorted-xkbcomp-dirs.patch to fix rpmdiff multilib failure. 4.3.0-114.EL - Add xorg-x11-server-CVE-2006-6101.patch 218870 4.3.0-113.EL - Fix for CID font...

7.5CVSS4AI score0.04304EPSS
Exploits0
Oracle linux
Oracle linux
added 2006/11/30 12:0 a.m.43 views

Important xorg-x11 security update

6.8.2-1.EL.13.37.2.1 - Add oracle detection to Imake and xprint 6.8.2-1.EL.13.37.2 - Fix for CID font parser integer overflows. CVE-2006-3470, 204548 - Remove withalternateprojectroot macros...

7.5CVSS5AI score0.01971EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/09/06 12:0 a.m.34 views

LibXfont: Multiple integer overflows

Background libXfont is the X.Org Xfont library, some parts are based on the FreeType code base. Description Several integer overflows have been found in the PCF font parser. Impact A local attacker could possibly execute arbitrary code or crash the Xserver by enticing a user to load a specially...

7.5CVSS7.2AI score0.04304EPSS
Exploits0
Rows per page
Query Builder