Vulnerability Database

300,830

Total vulnerabilities in the database

CVE-2010-2643

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

  • Published: Jan 7, 2011
  • Updated: Nov 9, 2025
  • CVE: CVE-2010-2643
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.6
  • AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
redhat / evince 2.31.1 2.31.1.x
redhat / evince 2.19 2.19.x
redhat / evince 2.29.92 2.29.92.x
redhat / evince 2.27 2.27.x
redhat / evince 2.30.3 2.30.3.x
redhat / evince 2.31.6.1 2.31.6.1.x
redhat / evince 2.31 2.31.x
redhat / evince 0.2 0.2.x
redhat / evince 2.22 2.22.x
redhat / evince 0.8 0.8.x
redhat / evince 0.4 0.4.x
redhat / evince 2.32 2.32.x
redhat / evince 2.31.4.1 2.31.4.1.x
redhat / evince 0.1 0.1.x
redhat / evince 2.20 2.20.x
redhat / evince 2.21 2.21.x
redhat / evince 0.5 0.5.x
redhat / evince 2.31.92 2.31.92.x
redhat / evince 2.31.2 2.31.2.x
redhat / evince 2.30 2.30.x
redhat / evince 2.25 2.25.x
redhat / evince 2.29 2.29.x
redhat / evince 0.3 0.3.x
redhat / evince 0.7 0.7.x
redhat / evince 2.31.6 2.31.6.x
redhat / evince 2.24 2.24.x
redhat / evince 0.6 0.6.x
redhat / evince 2.23 2.23.x
redhat / evince 0.9 0.9.x
redhat / evince 2.31.90 2.31.90.x
redhat / evince 2.30.2 2.30.2.x
redhat / evince 2.28 2.28.x
redhat / evince 2.26 2.26.x
redhat / evince 2.31.4 2.31.4.x