CVE-2011-5244
Last modified
CVE-2011-5244 is a vulnerability of currently unknown severity. Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.. EPSS estimates a 3.36% chance of exploitation in the next 30 days.
Description
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Gnome | Evince | All versions |
| T1lib | T1lib | All versions |
| Tetex | Tetex | 3.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-5244?
How severe is CVE-2011-5244?
How do I fix CVE-2011-5244?
Are you affected by CVE-2011-5244?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST