Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Evince vulnerability (USN-8295-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8295-1 advisory. It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially...

MiracleLinux 8 : evince-3.28.4-11.el8, poppler-20.11.0-2.el8 (AXSA:2021-2105:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2105:01 advisory. poppler: pdftohtml: access to uninitialized pointer could lead to DoS CVE-2020-27778 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : evince-3.22.1-5.2.el7 (AXSA:2017-2116:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2116:01 advisory. Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When...

EUVD-2010-2647

Malware in sbrugna...

SUSE CVE-2017-1000083

backend/comics/comics-document.c aka the comic book backend in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a...

NewStart CGSL MAIN 6.02 : evince Vulnerability (NS-SA-2022-0086)

The remote NewStart CGSL host, running version MAIN 6.02, has evince packages installed that are affected by a vulnerability: - A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when...

Ubuntu 14.04 LTS / 16.04 LTS : Evince vulnerability (USN-3503-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3503-1 advisory. It was discovered that Evince incorrectly handled printing certain DVI files. If a user were tricked into opening and printing a specially-named DVI...

Ubuntu 14.04 LTS / 16.04 LTS : Evince vulnerability (USN-3351-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3351-1 advisory. Felix Wilhelm discovered that Evince did not safely invoke tar when handling tar comic book cbt files. An attacker could use this to construct a...

CVE-2012-6535

DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted DjVu aka .djv file...

Ubuntu 5.10 / 6.06 LTS / 6.10 : evince vulnerability (USN-390-1)

A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding...

USN-390-2: evince vulnerability

USN-390-1 fixed a vulnerability in evince. The original fix did not fully solve the problem, allowing for a denial of service in certain situations. Original advisory details: A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a...