|
|
Subscribe / Log in / New account

evince: arbitrary code execution

Package(s):evince CVE #(s):CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643
Created:January 5, 2011 Updated:January 30, 2012
Description: From the Ubuntu advisory:

Jon Larimer discovered that Evince's font parsers incorrectly handled certain buffer lengths when rendering a DVI file. By tricking a user into opening or previewing a DVI file that uses a specially crafted font file, an attacker could crash evince or execute arbitrary code with the user's privileges.

Alerts:
Gentoo 201701-57 t1lib 2017-01-24
Mandriva MDVSA-2012:144 tetex 2012-08-28
Scientific Linux SL-tete-20120823 tetex 2012-08-23
Oracle ELSA-2012-1201 tetex 2012-08-23
CentOS CESA-2012:1201 tetex 2012-08-23
Red Hat RHSA-2012:1201-01 tetex 2012-08-23
Slackware SSA:2012-228-01 t1lib 2012-08-15
Oracle ELSA-2012-0137 texlive 2012-02-15
CentOS CESA-2012:0137 texlive 2012-02-16
Scientific Linux SL-texl-20120215 texlive 2012-02-15
Red Hat RHSA-2012:0137-01 texlive 2012-02-15
CentOS CESA-2012:0062 t1lib 2012-01-30
Fedora FEDORA-2012-0266 t1lib 2012-01-28
Fedora FEDORA-2012-0289 t1lib 2012-01-28
Scientific Linux SL-t1li-20120125 t1lib 2012-01-25
Red Hat RHSA-2012:0062-01 t1lib 2012-01-24
Oracle ELSA-2012-0062 t1lib 2012-01-25
Ubuntu USN-1335-1 t1lib 2012-01-19
Debian DSA-2388-1 t1lib 2012-01-14
Debian DSA-2357-1 evince 2011-12-03
Gentoo 201111-10 evince 2011-11-20
SUSE SUSE-SR:2011:005 hplip, perl, subversion, t1lib, bind, tomcat5, tomcat6, avahi, gimp, aaa_base, build, libtiff, krb5, nbd, clamav, aaa_base, flash-player, pango, openssl, subversion, postgresql, logwatch, libxml2, quagga, fuse, util-linux 2011-04-01
openSUSE openSUSE-SU-2011:0140-1 t1lib 2011-02-28
SUSE SUSE-SR:2011:002 ed, evince, hplip, libopensc2/opensc, libsmi, libwebkit, perl, python, sssd, sudo, wireshark 2011-01-25
Mandriva MDVSA-2011:016 t1lib 2011-01-21
Fedora FEDORA-2011-0224 evince 2011-01-07
Fedora FEDORA-2011-0208 evince 2011-01-07
Red Hat RHSA-2011:0009-01 evince 2011-01-06
Ubuntu USN-1035-1 evince 2011-01-05
Mandriva MDVSA-2011:017 tetex 2011-01-21
openSUSE openSUSE-SU-2011:0045-1 evince 2011-01-19
Mandriva MDVSA-2011:005 evince 2011-01-13
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds