CVE-2013-3718
Published 2019-11-01
CVE-2013-3718: evince is missing a check on number of pages which can lead to a segmentation fault
Priority: P418 · medium · 5.5 · CVSS 3.1
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 1.14% (62.7th percentile)
evince is missing a check on number of pages which can lead to a segmentation fault
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | evince | < evince 3.10.0-1 (bookworm) | evince 3.10.0-1 (bookworm) |
| gnome | evince | — | — |
| gnome | evince | — | — |
| gnome | evince | >= 0 < 3.10.0-1 | 3.10.0-1 |
| gnome | evince | >= 0 < 3.10.0-1 | 3.10.0-1 |
| gnome | evince | >= 0 < 3.10.0-1 | 3.10.0-1 |
| gnome | evince | >= 0 < 3.10.0-1 | 3.10.0-1 |
| opensuse | opensuse | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvd · v3.1 · 5.5 MEDIUM · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd · v2.0 · 4.3 MEDIUM · AV:N/AC:M/Au:N/C:N/I:N/A:P
osv · 5.5 MEDIUM
vendor_debian · 5.5 MEDIUM
vendor_redhat · 5.5 MEDIUM
GHSA
GHSA-x6w5-qx5v-2m2q: evince is missing a check on number of pages which can lead to a segmentation fault
ghsa_unreviewed·2022-05-05
CVE-2013-3718 [MEDIUM] CWE-20 GHSA-x6w5-qx5v-2m2q: evince is missing a check on number of pages which can lead to a segmentation fault
OSV
CVE-2013-3718: evince is missing a check on number of pages which can lead to a segmentation fault
osv·2019-11-01·CVSS 5.5
CVE-2013-3718 [MEDIUM] CVE-2013-3718: evince is missing a check on number of pages which can lead to a segmentation fault
Red Hat
evince: Missing check of number of pages leads to segmentation fault
vendor_redhat·2013-05-30·CVSS 5.5
CVE-2013-3718 [MEDIUM] evince: Missing check of number of pages leads to segmentation fault
evince is missing a check on number of pages which can lead to a segmentation fault
Package: evince (Red Hat Enterprise Linux 5) - Will not fix
Package: evince (Red Hat Enterprise Linux 6) - Not affected
Package: evince (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2013-3718: evince - evince is missing a check on number of pages which can lead to a segmentation fa...
vendor_debian·2013·CVSS 5.5
CVE-2013-3718 [MEDIUM] CVE-2013-3718: evince - evince is missing a check on number of pages which can lead to a segmentation fa...
evince is missing a check on number of pages which can lead to a segmentation fault
Scope: local
bookworm: resolved (fixed in 3.10.0-1)
bullseye: resolved (fixed in 3.10.0-1)
forky: resolved (fixed in 3.10.0-1)
sid: resolved (fixed in 3.10.0-1)
trixie: resolved (fixed in 3.10.0-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-3718 evince: Missing check of number of pages leads to segmentation fault
bugzilla·2016-08-08·CVSS 5.5
CVE-2013-3718 [MEDIUM] CVE-2013-3718 evince: Missing check of number of pages leads to segmentation fault
A vulnerability was found in evince. Opening a maliciously crafted PDF file can cause the application to crash.
Bug report (contains reproducer and patches):
https://bugzilla.gnome.org/show_bug.cgi?id=701302
Discussion:
Created evince tracking bugs for this issue:
Affects: fedora-all [bug 1365026]
Bugzilla
CVE-2013-3718 evince: Missing check of number of pages leads to segmentation fault [fedora-all]
bugzilla·2016-08-08·CVSS 5.5
CVE-2013-3718 [MEDIUM] CVE-2013-3718 evince: Missing check of number of pages leads to segmentation fault [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supp
http://bugzilla.gnome.org/show_bug.cgi?id=701302
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-3718
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-3718
https://security-tracker.debian.org/tracker/CVE-2013-3718
Published: 2019-11-01