Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
Vector: NETWORK
Complexity: HIGH
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
Redhat Evince 2.25 (not an official CPE)
Redhat Evince 2.24 (not an official CPE)
Redhat Evince 2.32 (not an official CPE)
Redhat Evince 2.31 (not an official CPE)
Redhat Evince 2.30 (not an official CPE)
Redhat Evince 2.31.4.1 (not an official CPE)
Redhat Evince 2.31.2 (not an official CPE)
Redhat Evince 2.31.6 (not an official CPE)
Redhat Evince 2.31.4 (not an official CPE)
Redhat Evince 2.28 (not an official CPE)
Redhat Evince 2.29 (not an official CPE)
Redhat Evince 2.30.3 (not an official CPE)
Redhat Evince 2.26 (not an official CPE)
Redhat Evince 2.27 (not an official CPE)
Redhat Evince 2.29.92 (not an official CPE)
Redhat Evince 2.19 (not an official CPE)
Redhat Evince 2.31.1 (not an official CPE)
Redhat Evince 2.31.6.1 (not an official CPE)
Redhat Evince 2.31.90 (not an official CPE)
Redhat Evince 2.30.2 (not an official CPE)
Redhat Evince 2.31.92 (not an official CPE)
Redhat Evince 0.7 (not an official CPE)
Redhat Evince 0.6 (not an official CPE)
Redhat Evince 0.5 (not an official CPE)
Redhat Evince 0.4 (not an official CPE)
Redhat Evince 0.9 (not an official CPE)
Redhat Evince 0.8 (not an official CPE)
Redhat Evince 0.3 (not an official CPE)
Redhat Evince 2.22 (not an official CPE)
Redhat Evince 0.2 (not an official CPE)
Redhat Evince 2.23 (not an official CPE)
Redhat Evince 0.1 (not an official CPE)
Redhat Evince 2.20 (not an official CPE)
Redhat Evince 2.21 (not an official CPE)