QwikSec

Security Database

CVE

CWE

Training

CVE-2011-0433

Published: Nov 19, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=679732

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/

x_refsource_MISC

vendor-advisory

x_refsource_REDHAT

https://bugzilla.gnome.org/show_bug.cgi?id=640923

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.