35 matches found
EUVD-2019-3132
Malware in sbrugna...
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.
...
Linux Distros Unpatched Vulnerability : CVE-2019-11459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from...
RHEL 5 : evince (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - evince: buffer overflow in backend/tiff/tiff-document.c leads to DOS/possible code execution...
Rocky Linux 8 : GNOME (RLSA-2019:3553)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:3553 advisory. - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video HLS, DASH, ...
SUSE CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
Huawei EulerOS: Security Advisory for evince (EulerOS-SA-2022-1561)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : poppler (ALAS-2020-1398)
The version of poppler installed on the remote host is prior to 0.26.5-42.20. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1398 advisory. The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through...
CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
Evince Buffer Overflow Vulnerability
GNOME Evince is a document viewing tool for the GNOME desktop environment. The product supports PDF, PostScript, DjVu, TIFF and DVI formats. A buffer overflow vulnerability exists in the backend/tiff/tiff-document.c file in GNOME Evince version 3.26.0. The vulnerability stems from a networked...
CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
Code injection
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
CVE-2019-11459
The CVE-2019-11459 entry affects the Evince TIFF backend. The root cause is that tiff_document_render() and tiff_document_get_thumbnail() did not properly handle errors returned by TIFFReadRGBAImageOriented(), which can lead to disclosure of uninitialized memory when processing certain TIFF image...
CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
UBUNTU-CVE-2019-11459
The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
Evince 3.24.0 - Command Injection
Exploit Title: evince command line injection Date: 2017-09-05 Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested on docker with...