REDHAT-BUG-679732: Buffer Overflow
First published: Wed Feb 23 2011(Updated: )
A heap-based buffer overflow flaw was found in the way AFM font file parser, used for rendering of DVI files, in GNOME evince document viewer and other products, processed line tokens from the given input stream. A remote attacker could provide a DVI file, with embedded specially-crafted font file, and trick the local user to open it with an application using the AFM font parser, leading to that particular application crash or, potentially, arbitrary code execution with the privileges of the user running the application. Different vulnerability than <a href="https://access.redhat.com/security/cve/CVE-2010-2642">CVE-2010-2642</a>. Upstream bug report: [1] <a href="https://bugzilla.gnome.org/show_bug.cgi?id=640923">https://bugzilla.gnome.org/show_bug.cgi?id=640923</a> Upstream patch: [2] <a href="https://bugzilla.gnome.org/show_bug.cgi?id=640923#c1">https://bugzilla.gnome.org/show_bug.cgi?id=640923#c1</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Evince |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2010-2642
- https://bugzilla.gnome.org/show_bug.cgi?id=640923
- https://bugzilla.gnome.org/show_bug.cgi?id=640923#c1
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=679733
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=679734
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=679735
- https://bugzilla.gnome.org/show_bug.cgi?id=643882
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=772899
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=551814&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=551814&action=edit
- https://rhn.redhat.com/errata/RHSA-2012-0062.html
- https://rhn.redhat.com/errata/RHSA-2012-0137.html
- https://rhn.redhat.com/errata/RHSA-2012-1201.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=679732#c0
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=666318
- https://access.redhat.com/security/cve/CVE-2011-0433
- http://git.gnome.org/browse/evince/commit/?id=439c5070022e
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=679732#c11
- http://git.gnome.org/browse/evince/commit/?id=efadec4ffcdd
- https://access.redhat.com/security/cve/CVE-2011-5244
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=878483
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=666318#c30
- https://bugzilla.redhat.com/show_bug.cgi?id=679732
Frequently Asked Questions
What is the severity of REDHAT-BUG-679732?
The severity of REDHAT-BUG-679732 is high due to the potential for a heap-based buffer overflow allowing remote code execution.
How do I fix REDHAT-BUG-679732?
To fix REDHAT-BUG-679732, update the GNOME evince document viewer to the latest version that includes the security patch.
What systems are affected by REDHAT-BUG-679732?
The primary affected system of REDHAT-BUG-679732 is the GNOME evince document viewer.
Can REDHAT-BUG-679732 be exploited remotely?
Yes, REDHAT-BUG-679732 can be exploited remotely by an attacker providing a malicious DVI file.
What are the consequences of an exploit of REDHAT-BUG-679732?
Exploitation of REDHAT-BUG-679732 can lead to execution of arbitrary code on the affected system.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-0433
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/gnome
- canonical/evince