Ubuntu Update For Evince USN-1347-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1347-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that Evince did not properly parse AFM font files when processing DVI files. If a user were tricked into opening a specially crafted DVI file, an attacker could cause Evince to crash or potentially execute arbitrary code with the privileges of the user invoking the program. In the default installation, attackers would be isolated by the Evince AppArmor profile.

Affected

evince on Ubuntu 11.04 , Ubuntu 10.10 , Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-January/001568.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0433
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for bind9 vulnerabilities USN-1025-1
Ubuntu Update for boost vulnerabilities USN-570-1
Ubuntu Update for compiz-fusion-plugins-main vulnerability USN-688-1
Ubuntu Update for apport USN-1668-1
Ubuntu Update for apache2 vulnerability USN-990-2

Ubuntu Update for evince USN-1347-1

Take action and discover your vulnerabilities