CVE-2010-2641
EPSS 8.2%
Description
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
How to fix CVE-2010-2641
To remediate CVE-2010-2641, upgrade the affected package to a fixed version below.
- Debian/evince—upgrade to 2.30.3-2 or later
Is CVE-2010-2641 being exploited?
Moderate — EPSS is 8.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.30.3-2