CVE-2010-2642
Published Jan 7, 2011
Last updated 7 years ago
Overview
- Description
- Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.6
- Impact score
- 10
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:evince:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20283624-F068-45D0-ABCF-F02BAD8105FB",
"versionEndIncluding": "2.32"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2C4D8E2-B5D1-4229-8C4E-A5D3D45CE232"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9B61463-DAAD-42B9-A9E4-7D5C0FC94A26"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "682240C5-7830-45AC-A8E8-F012519E3BB5"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9299EE95-FB9F-40A3-ACBA-9F8675D04314"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C9D303A-590D-4D6E-A76E-ED05F5CA3A68"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06F244EC-8257-4B41-8CE1-0BE3F81C6F3B"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "774E0BE3-5F1F-4C39-9ED2-35E1A0FDE845"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D2EC73E-7AAF-4524-ABA7-5236F1FBD2C3"
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B271944-EAC3-4E79-95BB-58FA1E7EB26B"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47E24A04-E690-4F80-B0F6-7166B01B732A"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47173787-5BD5-4131-A8CD-0D00D1187C41"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6508CBF-FC04-441D-9D86-955E6FAA0296"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD94C302-7E99-4F0D-B6CA-9D59120DE5D7"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "750B45E1-7D9D-45BE-8B0B-A5B7045DE309"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E840F13-F8BC-4A99-9404-94E2292F02BB"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1EEFEFB1-A14F-4100-A4AD-0B28E6A2B84D"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CACCB74-DE05-4619-8E69-38686FFE9BB8"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E72F3DA-2BA2-4D5E-96E4-8DDDBF7200DB"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DCCF82E-BFC7-4459-98C2-54754636664B"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CA2BC54-6E75-493D-953D-DC41ADBCFAE8"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.29.92:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1660E63C-4CD1-4B43-9A40-0B731FC5C1C2"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E3ED013-4381-4996-96D8-C560EB24C173"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.30.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "219D9DEE-0720-4871-8DDC-C24F5F6FB056"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.30.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6456E479-7A12-4904-8054-354AC4FC32AB"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED7BFBC3-4F4F-4E36-BE99-4E6C4CEE2B2F"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62F1AA5A-33FE-4C61-8311-3FE44CE9C04B"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0232A03E-43BC-4AC3-8175-BD3BAAB842A3"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAA8CD39-5229-44AF-AC3D-2713E753D782"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8DC7981-BA67-463C-AA67-96F8EE9C6DD1"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D23AD37-4BBA-4B5B-961F-89AFD892E4C6"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8783726-03D8-4DBE-8F2A-DC01B29C18F3"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE5419CF-CC0A-451C-A9CE-4CA811EFDCA7"
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.92:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAE1D8FE-395E-4009-B91C-4CC966952837"
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1DD1554-BCD4-4D31-ACB2-3788E5CB2407"
},
{
"criteria": "cpe:2.3:a:tug:tetex:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5143077C-55B7-4D71-A508-4CB4F2BE55A2"
}
],
"operator": "OR"
}
]
}
]