Segmentation Fault Vulnerability in Evince Document Viewer
CVE-2013-3718
5.5MEDIUM
Summary
Evince, a widely used document viewer on Linux systems, is susceptible to a vulnerability where it lacks proper validation for the number of pages in documents. This oversight can result in a segmentation fault, potentially crashing the application. Attackers can exploit this flaw by crafting malicious documents with an inappropriate number of pages, leading to unexpected behavior or application instability. Users of Evince are advised to apply available updates to mitigate risk.
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved