Back to search
CVE-2019-1010006
Published: Jul 15, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.
| Vendor | Product | Versions |
|---|---|---|
Evince Team | Evince | affected 3.26.0 |
References
https://bugzilla.gnome.org/show_bug.cgi?id=788980
x_refsource_MISC
http://bugzilla.maptools.org/show_bug.cgi?id=2745
x_refsource_MISC
USN-4067-1
vendor-advisory
x_refsource_UBUNTU
[debian-lts-announce] 20190813 [SECURITY] [DLA 1881-1] evince security update
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20190813 [SECURITY] [DLA 1882-1] atril security update
mailing-list
x_refsource_MLIST
openSUSE-SU-2019:1908
vendor-advisory
x_refsource_SUSE
DSA-4624
vendor-advisory
x_refsource_DEBIAN
20200216 [SECURITY] [DSA 4624-1] evince security update
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now