CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | HIGH |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |

EPSS

Metric | Value |
---|---|
Percentile | 94.5% |

Heap-based buffer overflow in the linetoken function in afmparse.c in
t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products,
allows remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a DVI file containing a crafted Adobe Font
Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

Author | Note |
---|---|
mdeslaur | original patch had an off by one, see second gnome bug patch for t1lib in RH bug |
jdstrand | 5.1.2-3.4 in Debian claims to have fixed this, but the patch wasn’t applied |

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | evince | < 2.30.3-0ubuntu1.3 | UNKNOWN |
ubuntu | 10.10 | noarch | evince | < 2.32.0-0ubuntu1.2 | UNKNOWN |
ubuntu | 11.04 | noarch | evince | < 2.32.0-0ubuntu12.4 | UNKNOWN |
ubuntu | 10.04 | noarch | t1lib | < 5.1.2-3ubuntu0.10.04.2 | UNKNOWN |
ubuntu | 10.10 | noarch | t1lib | < 5.1.2-3ubuntu0.10.10.2 | UNKNOWN |
ubuntu | 11.04 | noarch | t1lib | < 5.1.2-3ubuntu0.11.04.2 | UNKNOWN |
ubuntu | 11.10 | noarch | t1lib | < 5.1.2-3ubuntu0.11.10.2 | UNKNOWN |