Search for vulnerabilities
Vulnerability details: VCID-y5sg-3whu-aaam
Vulnerability ID VCID-y5sg-3whu-aaam
Aliases CVE-2011-5244
Summary Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-189 Numeric Errors
CWE-193 Off-by-one Error
System Score Found at
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.01775 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.03675 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
epss 0.04948 https://api.first.org/data/v1/epss?cve=CVE-2011-5244
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=878483
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2011-5244
Reference id Reference type URL
http://git.gnome.org/browse/evince/commit/?id=439c5070022e
http://git.gnome.org/browse/evince/commit/?id=d4139205b010
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5244.json
https://api.first.org/data/v1/epss?cve=CVE-2011-5244
https://bugzilla.gnome.org/show_bug.cgi?id=643882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5244
https://exchange.xforce.ibmcloud.com/vulnerabilities/80271
https://security.gentoo.org/glsa/201701-57
http://www.openwall.com/lists/oss-security/2011/03/04/21
878483 https://bugzilla.redhat.com/show_bug.cgi?id=878483
cpe:2.3:a:gnome:evince:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:evince:-:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*
cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*
CVE-2011-5244 https://nvd.nist.gov/vuln/detail/CVE-2011-5244
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2011-5244
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.81037
EPSS Score 0.01775
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.