Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
References
Link | Resource |
---|---|
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925 | Broken Link Patch Vendor Advisory |
http://secunia.com/advisories/13830 | Broken Link |
http://security.gentoo.org/glsa/glsa-200501-35.xml | Third Party Advisory |
http://securitytracker.com/id?1012981 | Broken Link Third Party Advisory VDB Entry |
http://www.debian.org/security/2005/dsa-673 | Mailing List Patch Third Party Advisory |
http://www.mandriva.com/security/advisories?name=MDKSA-2005:024 | Third Party Advisory |
http://www.redhat.com/support/errata/RHSA-2005-238.html | Broken Link |
http://www.redhat.com/support/errata/RHSA-2005-397.html | Broken Link Patch Vendor Advisory |
http://www.securityfocus.com/bid/12354 | Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/19031 | Third Party Advisory VDB Entry |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616 | Broken Link |
https://usn.ubuntu.com/69-1/ | Broken Link |
Configurations
History
08 Feb 2024, 18:39
Type | Values Removed | Values Added |
---|---|---|
First Time |
Debian debian Linux
Debian Gnome evolution Gnome |
|
CWE | CWE-190 | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 9.8 |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/19031 - Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/13830 - Broken Link | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-238.html - Broken Link | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-397.html - Broken Link, Patch, Vendor Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/69-1/ - Broken Link | |
References | (GENTOO) http://security.gentoo.org/glsa/glsa-200501-35.xml - Third Party Advisory | |
References | (CONECTIVA) http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925 - Broken Link, Patch, Vendor Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616 - Broken Link | |
References | (SECTRACK) http://securitytracker.com/id?1012981 - Broken Link, Third Party Advisory, VDB Entry | |
References | (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:024 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/12354 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | (DEBIAN) http://www.debian.org/security/2005/dsa-673 - Mailing List, Patch, Third Party Advisory | |
CPE | cpe:2.3:a:ximian:evolution:1.2.2:*:*:*:*:*:*:* cpe:2.3:a:ximian:evolution:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:ximian:evolution:1.3.2_beta:*:*:*:*:*:*:* |
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:* cpe:2.3:a:gnome:evolution:*:*:*:*:*:*:*:* |
Information
Published : 2005-01-24 05:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-0102
Mitre link : CVE-2005-0102
CVE.ORG link : CVE-2005-0102
JSON object : View
Products Affected
debian
- debian_linux
gnome
- evolution
CWE
CWE-190
Integer Overflow or Wraparound