CVE-2010-2643

evince: Integer overflow in DVI file TFM font parser

Severity Score

7.6

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

Desbordamiento de entero en el analizador sintáctico de fuentes TFM en el componente dvi-backend en Evince v2.32 y anteriores permite a los atacantes remotos ejecutar código a su elección a través de una fuente manipulada junto con un fichero DVI que es procesado por el gestor de imágines miniatura. .

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-07-06 CVE Reserved
2011-01-06 CVE Published
2023-08-28 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-189: Numeric Errors
CWE-190: Integer Overflow or Wraparound

CAPEC

References (23)

URL	Tag	Source
http://secunia.com/advisories/42872	Third Party Advisory
http://secunia.com/advisories/43068	Third Party Advisory
http://www.securityfocus.com/bid/45678	Vdb Entry
http://www.securitytracker.com/id?1024937	Vdb Entry
http://www.vupen.com/english/advisories/2011/0056	Vdb Entry
http://www.vupen.com/english/advisories/2011/0097	Vdb Entry
http://www.vupen.com/english/advisories/2011/0102	Vdb Entry
http://www.vupen.com/english/advisories/2011/0212	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2	2012-01-19
https://bugzilla.redhat.com/show_bug.cgi?id=666321	2011-01-06

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html	2012-01-19
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html	2012-01-19
http://lists.mandriva.com/security-announce/2011-01/msg00006.php	2012-01-19
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	2012-01-19
http://secunia.com/advisories/42769	2012-01-19
http://secunia.com/advisories/42821	2012-01-19
http://secunia.com/advisories/42847	2012-01-19
http://www.debian.org/security/2011/dsa-2357	2012-01-19
http://www.redhat.com/support/errata/RHSA-2011-0009.html	2012-01-19
http://www.ubuntu.com/usn/USN-1035-1	2012-01-19
http://www.vupen.com/english/advisories/2011/0029	2012-01-19
http://www.vupen.com/english/advisories/2011/0043	2012-01-19
https://access.redhat.com/security/cve/CVE-2010-2643	2011-01-06

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.1 Search vendor "Redhat" for product "Evince" and version "0.1"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.2 Search vendor "Redhat" for product "Evince" and version "0.2"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.3 Search vendor "Redhat" for product "Evince" and version "0.3"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.4 Search vendor "Redhat" for product "Evince" and version "0.4"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.5 Search vendor "Redhat" for product "Evince" and version "0.5"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.6 Search vendor "Redhat" for product "Evince" and version "0.6"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.7 Search vendor "Redhat" for product "Evince" and version "0.7"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.8 Search vendor "Redhat" for product "Evince" and version "0.8"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				0.9 Search vendor "Redhat" for product "Evince" and version "0.9"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.19 Search vendor "Redhat" for product "Evince" and version "2.19"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.20 Search vendor "Redhat" for product "Evince" and version "2.20"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.21 Search vendor "Redhat" for product "Evince" and version "2.21"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.22 Search vendor "Redhat" for product "Evince" and version "2.22"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.23 Search vendor "Redhat" for product "Evince" and version "2.23"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.24 Search vendor "Redhat" for product "Evince" and version "2.24"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.25 Search vendor "Redhat" for product "Evince" and version "2.25"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.26 Search vendor "Redhat" for product "Evince" and version "2.26"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.27 Search vendor "Redhat" for product "Evince" and version "2.27"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.28 Search vendor "Redhat" for product "Evince" and version "2.28"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.29 Search vendor "Redhat" for product "Evince" and version "2.29"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.29.92 Search vendor "Redhat" for product "Evince" and version "2.29.92"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.30 Search vendor "Redhat" for product "Evince" and version "2.30"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.30.2 Search vendor "Redhat" for product "Evince" and version "2.30.2"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.30.3 Search vendor "Redhat" for product "Evince" and version "2.30.3"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31 Search vendor "Redhat" for product "Evince" and version "2.31"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.1 Search vendor "Redhat" for product "Evince" and version "2.31.1"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.2 Search vendor "Redhat" for product "Evince" and version "2.31.2"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.4 Search vendor "Redhat" for product "Evince" and version "2.31.4"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.4.1 Search vendor "Redhat" for product "Evince" and version "2.31.4.1"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.6 Search vendor "Redhat" for product "Evince" and version "2.31.6"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.6.1 Search vendor "Redhat" for product "Evince" and version "2.31.6.1"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.90 Search vendor "Redhat" for product "Evince" and version "2.31.90"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.31.92 Search vendor "Redhat" for product "Evince" and version "2.31.92"		-		Affected
Redhat Search vendor "Redhat"		Evince Search vendor "Redhat" for product "Evince"				2.32 Search vendor "Redhat" for product "Evince" and version "2.32"		-		Affected