Vulnerability in Gnome Evince
CVE-2011-5244
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (cr…
EPSS: 0.018 (83.0th percentile) — read the EPSS interpretation.
Affected products
- Gnome Evince
- T1lib
- Tetex — versions 3.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- evince-token-code-exec(80271) (vdb-entry, x_refsource_XF)
- [oss-security] 20110304 Re: Re: CVE request: More Evince overflows (mailing-list, x_refsource_MLIST)
- cve@mitre.org (x_refsource_MISC)
- GLSA-201701-57 (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (x_refsource_MISC)