cbcvebase.
CVE-2010-2641
published 2011-01-07

CVE-2010-2641: Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service…

PriorityP336high7.6CVSS 2.0
AVNACHAuNCCICAC
EPSS
4.93%
91.1th percentile
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

Affected

39 ranges· showing 25
VendorProductVersion rangeFixed in
debianevince< evince 2.30.3-2 (bookworm)evince 2.30.3-2 (bookworm)
gnomeevince>= 0 < 2.30.3-22.30.3-2
gnomeevince>= 0 < 2.30.3-22.30.3-2
gnomeevince>= 0 < 2.30.3-22.30.3-2
gnomeevince>= 0 < 2.30.3-22.30.3-2
redhatevince<= 2.32
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince
redhatevince

CVSS provenance

nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
osv7.6HIGH
vendor_debian7.6HIGH
vendor_redhat7.6HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.