FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
01a197ca-67f1-11e7-a266-28924a333806	evince and atril -- command injection vulnerability in CBT handler GNOME reports: The comic book backend in evince 3.24.0 (and earlier) is vulnerable to a command injection bug that can be used to execute arbitrary commands when a CBT file is opened. The same vulnerability affects atril, the Evince fork. Discovery 2017-07-06 Entry 2017-07-13 evince le 3.24.0 evince-lite le 3.24.0 atril < 1.18.1 ge 1.19.0 lt 1.19.1 atril-lite < 1.18.1 ge 1.19.0 lt 1.19.1 https://bugzilla.gnome.org/show_bug.cgi?id=784630 https://github.com/mate-desktop/atril/issues/257 CVE-2017-1000083
779a2d55-8ba8-11db-81d5-00123ffe8333	evince -- Buffer Overflow Vulnerability Secunia reports: A vulnerability has been discovered in Evince, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "get_next_text()" function in ps/ps.c. This can be exploited to cause a buffer overflow by e.g. tricking a user into opening a specially crafted PostScript file. Discovery 2006-11-27 Entry 2006-12-14 evince < 0.6.1_1 CVE-2006-5864 http://secunia.com/advisories/23111/

VuXML ID

Description

01a197ca-67f1-11e7-a266-28924a333806

evince and atril -- command injection vulnerability in CBT handler

GNOME reports:

The comic book backend in evince 3.24.0 (and earlier) is vulnerable to a command injection bug that can be used to execute arbitrary commands when a CBT file is opened.

The same vulnerability affects atril, the Evince fork.

Discovery 2017-07-06
Entry 2017-07-13
evince

le 3.24.0

evince-lite

le 3.24.0

atril

< 1.18.1

ge 1.19.0 lt 1.19.1

atril-lite

< 1.18.1

ge 1.19.0 lt 1.19.1

https://bugzilla.gnome.org/show_bug.cgi?id=784630
https://github.com/mate-desktop/atril/issues/257
CVE-2017-1000083

779a2d55-8ba8-11db-81d5-00123ffe8333

evince -- Buffer Overflow Vulnerability

Secunia reports:

A vulnerability has been discovered in Evince, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the "get_next_text()" function in ps/ps.c. This can be exploited to cause a buffer overflow by e.g. tricking a user into opening a specially crafted PostScript file.

Discovery 2006-11-27
Entry 2006-12-14
evince

< 0.6.1_1

CVE-2006-5864
http://secunia.com/advisories/23111/