>On Wed, 21 Dec 2011 00:45:59 +0000 >Ken Moffat <[email protected]> wrote: > > lol. Does evince have the vulnerabilities commonly > reported for adobe ? > > ĸen
Umm... I don't know. A search of CVEs (http://cve.mitre.org/data/downloads/index.html) reveales that the last is CVE-2010-2643 which goes like this: "Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer." There is a bunch of other CVEis that also reference holes which work with the thumbnailer(!). -- Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped -- http://linuxfromscratch.org/mailman/listinfo/lfs-chat FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
