Evince AFM Font File Parser Heap Buffer Overflow Vulnerability

Evince is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition.


 

Privacy Statement
Copyright 2010, SecurityFocus