Launchpad.net

CVE 2010-2642

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://git.gnome.org/b...
CONFIRM: https://bugzilla.redha...
SECUNIA: 42769
FEDORA: FEDORA-2011-0208
REDHAT: RHSA-2011:0009
UBUNTU: USN-1035-1
BID: 45678
SECTRACK: 1024937
SECUNIA: 42821
SECUNIA: 42847
VUPEN: ADV-2011-0029
VUPEN: ADV-2011-0043
FEDORA: FEDORA-2011-0224
MANDRIVA: MDVSA-2011:005
SECUNIA: 42872
VUPEN: ADV-2011-0056
VUPEN: ADV-2011-0097
VUPEN: ADV-2011-0102
MANDRIVA: MDVSA-2011:016
MANDRIVA: MDVSA-2011:017
VUPEN: ADV-2011-0193
VUPEN: ADV-2011-0194
DEBIAN: DSA-2357
MANDRIVA: MDVSA-2012:144
REDHAT: RHSA-2012:1201
SUSE: SUSE-SR:2011:005
GENTOO: GLSA-201701-57

Launchpad.net

CVE 2010-2642

Related bugs

References