| CVE-2017-1000159 | Hig | 0.51 | 7.8 | 0.00 | | Nov 27, 2017 | Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91. |
| CVE-2011-5244 | | 0.00 | — | 0.02 | | Nov 19, 2012 | Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433. |
| CVE-2011-0433 | | 0.00 | — | 0.02 | | Nov 19, 2012 | Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642. |
