Lucene search

MitreCVE-2010-2640

HistoryJan 07, 2011 - 7:00 p.m.

CVE-2010-2640

2011-01-0719:00:17

CWE-20

mitre

web.nvd.nist.gov

cve

2010

2640

array index error

pk font parser

evince

dvi-backend

denial of service

application crash

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.062

Percentile

93.6%

JSON

Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

Affected configurations

Nvd

Node

redhatevinceRange≤2.32

redhatevinceMatch0.1

redhatevinceMatch0.2

redhatevinceMatch0.3

redhatevinceMatch0.4

redhatevinceMatch0.5

redhatevinceMatch0.6

redhatevinceMatch0.7

redhatevinceMatch0.8

redhatevinceMatch0.9

redhatevinceMatch2.19

redhatevinceMatch2.20

redhatevinceMatch2.21

redhatevinceMatch2.22

redhatevinceMatch2.23

redhatevinceMatch2.24

redhatevinceMatch2.25

redhatevinceMatch2.26

redhatevinceMatch2.27

redhatevinceMatch2.28

redhatevinceMatch2.29

redhatevinceMatch2.29.92

redhatevinceMatch2.30

redhatevinceMatch2.30.2

redhatevinceMatch2.30.3

redhatevinceMatch2.31

redhatevinceMatch2.31.1

redhatevinceMatch2.31.2

redhatevinceMatch2.31.4

redhatevinceMatch2.31.4.1

redhatevinceMatch2.31.6

redhatevinceMatch2.31.6.1

redhatevinceMatch2.31.90

redhatevinceMatch2.31.92

VendorProductVersionCPE
redhatevince*cpe:2.3:a:redhat:evince:*:*:*:*:*:*:*:*
redhatevince0.1cpe:2.3:a:redhat:evince:0.1:*:*:*:*:*:*:*
redhatevince0.2cpe:2.3:a:redhat:evince:0.2:*:*:*:*:*:*:*
redhatevince0.3cpe:2.3:a:redhat:evince:0.3:*:*:*:*:*:*:*
redhatevince0.4cpe:2.3:a:redhat:evince:0.4:*:*:*:*:*:*:*
redhatevince0.5cpe:2.3:a:redhat:evince:0.5:*:*:*:*:*:*:*
redhatevince0.6cpe:2.3:a:redhat:evince:0.6:*:*:*:*:*:*:*
redhatevince0.7cpe:2.3:a:redhat:evince:0.7:*:*:*:*:*:*:*
redhatevince0.8cpe:2.3:a:redhat:evince:0.8:*:*:*:*:*:*:*
redhatevince0.9cpe:2.3:a:redhat:evince:0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	evince	*	cpe:2.3:a:redhat:evince::::::::
redhat	evince	0.1	cpe:2.3:a:redhat:evince:0.1:::::::*
redhat	evince	0.2	cpe:2.3:a:redhat:evince:0.2:::::::*
redhat	evince	0.3	cpe:2.3:a:redhat:evince:0.3:::::::*
redhat	evince	0.4	cpe:2.3:a:redhat:evince:0.4:::::::*
redhat	evince	0.5	cpe:2.3:a:redhat:evince:0.5:::::::*
redhat	evince	0.6	cpe:2.3:a:redhat:evince:0.6:::::::*
redhat	evince	0.7	cpe:2.3:a:redhat:evince:0.7:::::::*
redhat	evince	0.8	cpe:2.3:a:redhat:evince:0.8:::::::*
redhat	evince	0.9	cpe:2.3:a:redhat:evince:0.9:::::::*