CVE-2010-2640

Description

Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

CVSS Version 2.0

nvd
CVE ID: CVE-2010-2640
Base Score: 7.6
Base Severity: HIGH
Vector String:AV:N/AC:H/Au:N/C:C/I:C/A:C

Refrence: NVD

Description​

Description