Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
641
VMScore

CVE-2005-0102

Published: 24/01/2005 Updated: 08/02/2024
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Evolution

Vulnerability Summary

Integer overflow in camel-lock-helper in Evolution 2.0.2 and previous versions allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

Vulnerable Product Search on Vulmon Subscribe to Product

gnome evolution

debian debian linux 3.0

Vendor Advisories

Ubuntu Security Notice: evolution vulnerability
Max Vozeler discovered an integer overflow in camel-lock-helper An user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data ...
Red Hat: evolution security update
Synopsis evolution security update Type/Severity Security Advisory: Moderate Topic Updated evolution packages that fix various security issues are now availableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description Evolution is a GNO ...
Red Hat: evolution security update
Synopsis evolution security update Type/Severity Security Advisory: Low Topic Updated evolution packages that fix various bugs are now availableThis update has been rated as having low security impact by the Red HatSecurity Response Team Description Evolution is the GNOME collection of pe ...
Debian Security Advisories: DSA-673-1 evolution -- integer overflow
Max Vozeler discovered an integer overflow in a helper application inside of Evolution, a free groupware suite A local attacker could cause the setuid root helper to execute arbitrary code with elevated privileges For the stable distribution (woody) this problem has been fixed in version 105-1woody2 For the unstable distribution (sid) this pro ...

References

CWE-190http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925http://www.debian.org/security/2005/dsa-673http://security.gentoo.org/glsa/glsa-200501-35.xmlhttp://www.securityfocus.com/bid/12354http://www.redhat.com/support/errata/RHSA-2005-397.htmlhttp://www.redhat.com/support/errata/RHSA-2005-238.htmlhttp://securitytracker.com/id?1012981http://secunia.com/advisories/13830http://www.mandriva.com/security/advisories?name=MDKSA-2005:024https://exchange.xforce.ibmcloud.com/vulnerabilities/19031https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616https://usn.ubuntu.com/69-1/https://usn.ubuntu.com/69-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2024-34558CVE-2024-32674CVE-2024-34351XPath injectionCVE-2023-45866CVE-2024-25528CVE-2024-25517path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook