Buffer overflow in T1lib

CVE-2010-2642

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or poss…

Vulnerability class: Buffer Overflow

EPSS: 0.148 (94.6th percentile) — read the EPSS interpretation.

Affected products

T1lib — versions 5.1.2
Tug Tetex — versions 3.0
Redhat Evince — versions 0.1, 0.2, 0.3
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

MDVSA-2011:005 (vendor-advisory, x_refsource_MANDRIVA)
MDVSA-2011:016 (vendor-advisory, x_refsource_MANDRIVA)
42872 (x_refsource_SECUNIA, third-party-advisory)
ADV-2011-0043 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
ADV-2011-0029 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
FEDORA-2011-0224 (x_refsource_FEDORA, vendor-advisory)
42769 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
SUSE-SR:2011:005 (vendor-advisory, x_refsource_SUSE)
RHSA-2012:1201 (x_refsource_REDHAT, vendor-advisory)
ADV-2011-0097 (vdb-entry, x_refsource_VUPEN)