exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2011-005

Mandriva Linux Security Advisory 2011-005
Posted Jan 14, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-005 - Array index error in the PK and VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2640, CVE-2010-2641, CVE-2010-2642, CVE-2010-2643
SHA-256 | 8a323bca36e45ebc77d98eb8446f88075869ded4422a4035e079a4b5a1b2786e
Download | Favorite | View

Mandriva Linux Security Advisory 2011-005

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:005
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : evince
 Date    : January 13, 2011
 Affected: 2010.0, 2010.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in evince:
 
 Array index error in the PK and VF font parser in the dvi-backend
 component in Evince 2.32 and earlier allows remote attackers to
 cause a denial of service (application crash) or possibly execute
 arbitrary code via a crafted font in conjunction with a DVI file that
 is processed by the thumbnailer (CVE-2010-2640, CVE-2010-2641).
 
 Heap-based buffer overflow in the AFM font parser in the dvi-backend
 component in Evince 2.32 and earlier allows remote attackers to
 cause a denial of service (application crash) or possibly execute
 arbitrary code via a crafted font in conjunction with a DVI file that
 is processed by the thumbnailer (CVE-2010-2642).
 
 Integer overflow in the TFM font parser in the dvi-backend component in
 Evince 2.32 and earlier allows remote attackers to execute arbitrary
 code via a crafted font in conjunction with a DVI file that is
 processed by the thumbnailer (CVE-2010-2643).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 e079913edf4d4f3073865b7d49fe799e  2010.0/i586/evince-2.28.1-1.1mdv2010.0.i586.rpm
 799a7a19999cca73b787ea557fabe48b  2010.0/i586/libevince1-2.28.1-1.1mdv2010.0.i586.rpm
 9da45de2f8808622d87310139ab0cd57  2010.0/i586/libevince-devel-2.28.1-1.1mdv2010.0.i586.rpm 
 8cf3fc28bc224cb6d798986b83ff214b  2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 7f547bd0f819bb294155a77992dc3867  2010.0/x86_64/evince-2.28.1-1.1mdv2010.0.x86_64.rpm
 b49ee796665b1f3690aa8604f398da6f  2010.0/x86_64/lib64evince1-2.28.1-1.1mdv2010.0.x86_64.rpm
 2d4d32da719f789cab879b3a057c31e8  2010.0/x86_64/lib64evince-devel-2.28.1-1.1mdv2010.0.x86_64.rpm 
 8cf3fc28bc224cb6d798986b83ff214b  2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 89ccc35a168dc271615257ca3b9dc15b  2010.1/i586/evince-2.30.3-1.1mdv2010.2.i586.rpm
 680a161ca4937b9624d76313f66ece67  2010.1/i586/libevince2-2.30.3-1.1mdv2010.2.i586.rpm
 5f2992bce84180aa51ff1b7a6ceb8ff1  2010.1/i586/libevince-devel-2.30.3-1.1mdv2010.2.i586.rpm 
 1c0b1ce4cb6374b5d83f620669e2ff7f  2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 92b2edf7ebcbc5562b3664d328cfbb84  2010.1/x86_64/evince-2.30.3-1.1mdv2010.2.x86_64.rpm
 258d61dca83a88e6a4560e0793ebc35f  2010.1/x86_64/lib64evince2-2.30.3-1.1mdv2010.2.x86_64.rpm
 04afd91e85be6701d28e0b1164e7e41f  2010.1/x86_64/lib64evince-devel-2.30.3-1.1mdv2010.2.x86_64.rpm 
 1c0b1ce4cb6374b5d83f620669e2ff7f  2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

 Mandriva Enterprise Server 5:
 c5187d89da4344a18e4b757f51946671  mes5/i586/evince-2.24.0-2.2mdvmes5.1.i586.rpm
 5a81c37bff705aa4b7b9cb8e96a4cbb2  mes5/i586/libevince0-2.24.0-2.2mdvmes5.1.i586.rpm
 9e1c0400a275f99fa3a1350b4328e84e  mes5/i586/libevince-devel-2.24.0-2.2mdvmes5.1.i586.rpm 
 d4ac7e1574b982ec49d34cfb61026c77  mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 8f672ce32264b8ca99f5540972a3a7f8  mes5/x86_64/evince-2.24.0-2.2mdvmes5.1.x86_64.rpm
 0882e7a97b30c1ecf1ebf7c1dd1bb191  mes5/x86_64/lib64evince0-2.24.0-2.2mdvmes5.1.x86_64.rpm
 9bce986a11c112a50911390d965be0c9  mes5/x86_64/lib64evince-devel-2.24.0-2.2mdvmes5.1.x86_64.rpm 
 d4ac7e1574b982ec49d34cfb61026c77  mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNLuyrmqjQ0CJFipgRAi8kAKC7zVrpdQxiuU7w+oVNpNi2l8gAzACfQ14D
YAUn/R+xAZUWOs8ScQUXjXI=
=C2wo
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close