Source: ubuntucve (Ubuntu.com), UB:CVE-2011-0433
History: Jan 13, 2012 - 12:00 a.m.

CVE-2011-0433


CVSS2: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

Attack Vector: NETWORK
Attack Complexity: HIGH
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

EPSS: 0.086 (Percentile: 94.5%)

Heap-based buffer overflow in the linetoken function in afmparse.c in
t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products,
allows remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a DVI file containing a crafted Adobe Font
Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

Bugs

Notes

| Author | Note |
| --- | --- |
| mdeslaur | original patch had an off by one, see second gnome bug patch for t1lib in RH bug |
| jdstrand | 5.1.2-3.4 in Debian claims to have fixed this, but the patch wasn’t applied |

| OS | OS Version | Architecture | Package | Package Version | Filename |
| --- | --- | --- | --- | --- | --- |
| ubuntu | 10.04 | noarch | evince | < 2.30.3-0ubuntu1.3 | UNKNOWN |
| ubuntu | 10.10 | noarch | evince | < 2.32.0-0ubuntu1.2 | UNKNOWN |
| ubuntu | 11.04 | noarch | evince | < 2.32.0-0ubuntu12.4 | UNKNOWN |
| ubuntu | 10.04 | noarch | t1lib | < 5.1.2-3ubuntu0.10.04.2 | UNKNOWN |
| ubuntu | 10.10 | noarch | t1lib | < 5.1.2-3ubuntu0.10.10.2 | UNKNOWN |
| ubuntu | 11.04 | noarch | t1lib | < 5.1.2-3ubuntu0.11.04.2 | UNKNOWN |
| ubuntu | 11.10 | noarch | t1lib | < 5.1.2-3ubuntu0.11.10.2 | UNKNOWN |
