Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-2641

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2010-2641
Last Modified 18 Jan 2012 10:49:53
Published 07 Jan 2011 02:00:17
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2010-2641

Summary

Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

Vulnerable Systems

Application

  • Redhat Evince 0.1

  • Redhat Evince 0.2

  • Redhat Evince 0.3

  • Redhat Evince 0.4

  • Redhat Evince 0.5

  • Redhat Evince 0.6

  • Redhat Evince 0.7

  • Redhat Evince 0.8

  • Redhat Evince 0.9

  • Redhat Evince 2.19

  • Redhat Evince 2.20

  • Redhat Evince 2.21

  • Redhat Evince 2.22

  • Redhat Evince 2.23

  • Redhat Evince 2.24

  • Redhat Evince 2.25

  • Redhat Evince 2.26

  • Redhat Evince 2.27

  • Redhat Evince 2.28

  • Redhat Evince 2.29

  • Redhat Evince 2.29.92

  • Redhat Evince 2.30

  • Redhat Evince 2.30.2

  • Redhat Evince 2.30.3

  • Redhat Evince 2.31

  • Redhat Evince 2.31.1

  • Redhat Evince 2.31.2

  • Redhat Evince 2.31.4

  • Redhat Evince 2.31.4.1

  • Redhat Evince 2.31.6

  • Redhat Evince 2.31.6.1

  • Redhat Evince 2.31.90

  • Redhat Evince 2.31.92

  • Redhat Evince 2.32


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=666314

CONFIRM - http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2

VUPEN - ADV-2011-0102

VUPEN - ADV-2011-0097

VUPEN - ADV-2011-0056

VUPEN - ADV-2011-0043

VUPEN - ADV-2011-0029

UBUNTU - USN-1035-1

SECTRACK - 1024937

BID - 45678

REDHAT - RHSA-2011:0009

SECUNIA - 42872

SECUNIA - 42847

SECUNIA - 42821

SECUNIA - 42769

MANDRIVA - MDVSA-2011:005

FEDORA - FEDORA-2011-0224

FEDORA - FEDORA-2011-0208

DEBIAN - DSA-2357


Last Updated: 27 May 2016 10:57:20