Improper input validation in Redhat Evince
CVE-2010-2640
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction w…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.082 (92.3th percentile) — read the EPSS interpretation.
Affected products
- Redhat Evince — versions 0.1, 0.2, 0.3
- N/a — versions n/a
Weakness classification (CWE)
References
- 43068 (x_refsource_SECUNIA, third-party-advisory)
- MDVSA-2011:005 (vendor-advisory, x_refsource_MANDRIVA)
- 42872 (x_refsource_SECUNIA, third-party-advisory)
- ADV-2011-0212 (vdb-entry, x_refsource_VUPEN)
- ADV-2011-0043 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- ADV-2011-0029 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- FEDORA-2011-0224 (x_refsource_FEDORA, vendor-advisory)
- 42769 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- ADV-2011-0097 (vdb-entry, x_refsource_VUPEN)
- DSA-2357 (vendor-advisory, x_refsource_DEBIAN)