{"alias":[],"description":"Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.","epss":{"percentile":"0.83332","score":"0.018920"},"id":"CVE-2011-0433","metrics":{"cvss2":{"ac_insuf_info":0,"access_complexity":"MEDIUM","access_vector":"NETWORK","authentication":"NONE","availability_impact":"PARTIAL","base_score":6.8,"base_severity":"MEDIUM","confidentiality_impact":"PARTIAL","exploitability_score":8.6,"impact_score":6.4,"integrity_impact":"PARTIAL","obtain_all_privilege":0,"obtain_other_privilege":0,"obtain_user_privilege":0,"user_interaction_required":1,"vector_string":"AV:N\/AC:M\/Au:N\/C:P\/I:P\/A:P","version":"2.0"}},"modified":"2026-04-29T01:13:23","nvd_status":"Modified","published":"2012-11-19T12:10:48","score":6.8,"severity":"MEDIUM","source":"cve@mitre.org","status":"PUBLISHED","weaknesses":[{"id":"CWE-119","name":"Improper Restriction of Operations within the Bounds of a Memory Buffer","type":"weakness"}]}