Release date:
Updated on:
Affected Systems:
GNOME Evince 2.32
GNOME Evince 2.23
GNOME Evince 0.6.1
GNOME Evince 0.5.2
GNOME Evince 0.4
GNOME Evince 0.1.5
Description:
--------------------------------------------------------------------------------
Bugtraq id: 47168
Cve id: CVE-2011-0433
Evince is a tool for viewing PDF, PostScript, DjVu, TIFF, and DVI documents in GNOME desktop environments.
When processing malformed DVI files, Evince has a heap buffer overflow vulnerability, which can be exploited by remote attackers to execute arbitrary code.
<* Source: Jan Lieskovsky (jlieskov@redhat.com)
Link: https://bugzilla.redhat.com/show_bug.cgi? CVE-2011-0433
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
GNOME
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.gnome.org/