CVE-2019-11459
published 2019-04-22CVE-2019-11459: The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | atril | < atril 1.22.3-1 (bookworm) | atril 1.22.3-1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | evince | < atril 1.22.3-1 (bookworm) | atril 1.22.3-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| gnome | evince | <= 3.32.0 | — |
| gnome | evince | >= 0 < 3.32.0-3 | 3.32.0-3 |
| gnome | evince | >= 0 < 3.32.0-3 | 3.32.0-3 |
| gnome | evince | >= 0 < 3.32.0-3 | 3.32.0-3 |
| gnome | evince | >= 0 < 3.32.0-3 | 3.32.0-3 |
| mate-desktop | atril | >= 0 < 1.22.3-1 | 1.22.3-1 |
| mate-desktop | atril | >= 0 < 1.22.3-1 | 1.22.3-1 |
| mate-desktop | atril | >= 0 < 1.22.3-1 | 1.22.3-1 |
| mate-desktop | atril | >= 0 < 1.22.3-1 | 1.22.3-1 |
| mate-desktop | atril | >= 0 < 1.24.0-1ubuntu0.2 | 1.24.0-1ubuntu0.2 |
| mate-desktop | atril | >= 0 < 1.26.0-1ubuntu1.2 | 1.26.0-1ubuntu1.2 |
| mate-desktop | atril | >= 0 < 1.20.1-2ubuntu2+esm2 | 1.20.1-2ubuntu2+esm2 |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv7.8HIGH