// For flags

CVE-2010-2642

t1lib: Heap based buffer overflow in DVI file AFM font parser

Severity Score

7.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

Desbordamiento de búfer basado en memoria dinámica en el validador de fuentes AFM (AFM font parser) en el componente dvi-backend de Evince v2.32 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o puede que ejecutar código de su elección a través de una fuente manipulada junto con un fichero DVI que es procesado por el thumbnailer.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-07-06 CVE Reserved
  • 2011-01-06 CVE Published
  • 2023-08-28 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-122: Heap-based Buffer Overflow
CAPEC
References (28)
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
<= 2.32
Search vendor "Redhat" for product "Evince" and version " <= 2.32"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.1
Search vendor "Redhat" for product "Evince" and version "0.1"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.2
Search vendor "Redhat" for product "Evince" and version "0.2"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.3
Search vendor "Redhat" for product "Evince" and version "0.3"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.4
Search vendor "Redhat" for product "Evince" and version "0.4"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.5
Search vendor "Redhat" for product "Evince" and version "0.5"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.6
Search vendor "Redhat" for product "Evince" and version "0.6"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.7
Search vendor "Redhat" for product "Evince" and version "0.7"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.8
Search vendor "Redhat" for product "Evince" and version "0.8"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
0.9
Search vendor "Redhat" for product "Evince" and version "0.9"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.19
Search vendor "Redhat" for product "Evince" and version "2.19"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.20
Search vendor "Redhat" for product "Evince" and version "2.20"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.21
Search vendor "Redhat" for product "Evince" and version "2.21"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.22
Search vendor "Redhat" for product "Evince" and version "2.22"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.23
Search vendor "Redhat" for product "Evince" and version "2.23"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.24
Search vendor "Redhat" for product "Evince" and version "2.24"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.25
Search vendor "Redhat" for product "Evince" and version "2.25"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.26
Search vendor "Redhat" for product "Evince" and version "2.26"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.27
Search vendor "Redhat" for product "Evince" and version "2.27"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.28
Search vendor "Redhat" for product "Evince" and version "2.28"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.29
Search vendor "Redhat" for product "Evince" and version "2.29"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.29.92
Search vendor "Redhat" for product "Evince" and version "2.29.92"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.30
Search vendor "Redhat" for product "Evince" and version "2.30"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.30.2
Search vendor "Redhat" for product "Evince" and version "2.30.2"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.30.3
Search vendor "Redhat" for product "Evince" and version "2.30.3"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31
Search vendor "Redhat" for product "Evince" and version "2.31"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.1
Search vendor "Redhat" for product "Evince" and version "2.31.1"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.2
Search vendor "Redhat" for product "Evince" and version "2.31.2"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.4
Search vendor "Redhat" for product "Evince" and version "2.31.4"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.4.1
Search vendor "Redhat" for product "Evince" and version "2.31.4.1"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.6
Search vendor "Redhat" for product "Evince" and version "2.31.6"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.6.1
Search vendor "Redhat" for product "Evince" and version "2.31.6.1"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.90
Search vendor "Redhat" for product "Evince" and version "2.31.90"
-
Affected
Redhat
Search vendor "Redhat"
Evince
Search vendor "Redhat" for product "Evince"
2.31.92
Search vendor "Redhat" for product "Evince" and version "2.31.92"
-
Affected
T1lib
Search vendor "T1lib"
T1lib
Search vendor "T1lib" for product "T1lib"
5.1.2
Search vendor "T1lib" for product "T1lib" and version "5.1.2"
-
Affected
Tug
Search vendor "Tug"
Tetex
Search vendor "Tug" for product "Tetex"
3.0
Search vendor "Tug" for product "Tetex" and version "3.0"
-
Affected