Vulnerability Database

CVE-2010-2642

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

  • Published: Jan 7, 2011
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-2642
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.6
  • Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

| Software | From | Fixed in |
| --- | --- | --- |
| redhat / evince | 2.31.1 | 2.31.1.x |
| redhat / evince | 2.19 | 2.19.x |
| redhat / evince | 2.29.92 | 2.29.92.x |
| redhat / evince | 2.27 | 2.27.x |
| redhat / evince | 2.30.3 | 2.30.3.x |
| redhat / evince | 2.31.6.1 | 2.31.6.1.x |
| redhat / evince | 2.31 | 2.31.x |
| redhat / evince | 0.2 | 0.2.x |
| redhat / evince | 2.22 | 2.22.x |
| redhat / evince | 0.8 | 0.8.x |
| redhat / evince | 0.4 | 0.4.x |
| redhat / evince | 2.31.4.1 | 2.31.4.1.x |
| redhat / evince | 0.1 | 0.1.x |
| redhat / evince | 2.20 | 2.20.x |
| redhat / evince | 2.21 | 2.21.x |
| redhat / evince | 0.5 | 0.5.x |
| t1lib / t1lib | 5.1.2 | 5.1.2.x |
| redhat / evince | 2.31.92 | 2.31.92.x |
| redhat / evince | 2.31.2 | 2.31.2.x |
| redhat / evince | 2.30 | 2.30.x |
| redhat / evince | 2.25 | 2.25.x |
| redhat / evince | 2.29 | 2.29.x |
| redhat / evince | 0.3 | 0.3.x |
| redhat / evince | 0.7 | 0.7.x |
| redhat / evince | 2.31.6 | 2.31.6.x |
| redhat / evince | 2.24 | 2.24.x |
| tug / tetex | 3.0 | 3.0.x |
| redhat / evince | 0.6 | 0.6.x |
| redhat / evince | 2.23 | 2.23.x |
| redhat / evince | 0.9 | 0.9.x |
| redhat / evince | - | 2.32.x |
| redhat / evince | 2.31.90 | 2.31.90.x |
| redhat / evince | 2.30.2 | 2.30.2.x |
| redhat / evince | 2.28 | 2.28.x |
| redhat / evince | 2.26 | 2.26.x |
| redhat / evince | 2.31.4 | 2.31.4.x |