Description
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
Product(s):
- GNOME Evolution
- Gnome Evolution
- GNOME Evolution 0.0.2
- GNOME Evolution 0.0.3
- GNOME Evolution 0.0.4
- GNOME Evolution 0.0.5
- GNOME Evolution 0.0.6
- GNOME Evolution 0.0.7
- GNOME Evolution 0.0.90
- GNOME Evolution 0.0.91
- GNOME Evolution 0.0.92
- GNOME Evolution 0.0.93
- GNOME Evolution 0.0.94.1
- GNOME Evolution 0.0.94
- GNOME Evolution 0.0.95
- GNOME Evolution 0.0.96
- GNOME Evolution 0.0.97
- GNOME Evolution 0.0.98
- GNOME Evolution 0.0.99
- GNOME Evolution 1.0.0
- GNOME Evolution 1.0.1
- GNOME Evolution 1.0.2
- GNOME Evolution 1.0.3
- GNOME Evolution 1.0.4
- GNOME Evolution 1.0.8
- GNOME Evolution 1.1.0
- GNOME Evolution 1.1.1
- GNOME Evolution 1.1.2
- GNOME Evolution 1.1.3
- GNOME Evolution 1.1.4.1
- GNOME Evolution 1.1.4
- GNOME Evolution 1.1.5
- GNOME Evolution 1.1.6
- GNOME Evolution 1.10.2
- GNOME Evolution 1.10.3
- GNOME Evolution 1.11.3
- GNOME Evolution 1.11.4
- GNOME Evolution 1.11.5
- GNOME Evolution 1.11.90
- GNOME Evolution 1.11.91
- GNOME Evolution 1.11.92
- GNOME Evolution 1.11
- GNOME Evolution 1.12.0
- GNOME Evolution 1.12.1
- GNOME Evolution 1.12.2
- GNOME Evolution 1.12.3
- GNOME Evolution 1.2.0
- GNOME Evolution 1.2.1
- GNOME Evolution 1.2.2
- GNOME Evolution 1.2.3
- GNOME Evolution 1.2.4
- GNOME Evolution 1.2
- GNOME Evolution 1.3.1
- GNOME Evolution 1.3.2
- GNOME Evolution 1.3.3.1
- GNOME Evolution 1.3.3
- GNOME Evolution 1.3.4
- GNOME Evolution 1.3.5
- GNOME Evolution 1.3.6.1
- GNOME Evolution 1.3.6
- GNOME Evolution 1.3.7
- GNOME Evolution 1.3.8
- GNOME Evolution 1.4.0
- GNOME Evolution 1.4.1.1
- GNOME Evolution 1.4.1
- GNOME Evolution 1.4.2.1
- GNOME Evolution 1.4.2
- GNOME Evolution 1.4.3
- GNOME Evolution 1.4.4
- GNOME Evolution 1.4.5
- GNOME Evolution 1.4.6
- GNOME Evolution 1.4
- GNOME Evolution 1.5.1
- GNOME Evolution 1.5.3
- GNOME Evolution 1.5.4
- GNOME Evolution 1.5.5
- GNOME Evolution 1.5.9.0
- GNOME Evolution 1.5.91
- GNOME Evolution 1.5.92
- GNOME Evolution 1.5
- GNOME Evolution 1.6.0
- GNOME Evolution 1.6.1
- GNOME Evolution 1.6.2
- GNOME Evolution 1.6.3
- GNOME Evolution 1.7.1
- GNOME Evolution 1.7.2
- GNOME Evolution 1.7.3
- GNOME Evolution 1.7.4
- GNOME Evolution 1.7.90.1
- GNOME Evolution 1.7.90
- GNOME Evolution 1.7.91
- GNOME Evolution 1.7.92
- GNOME Evolution 1.8.0
- GNOME Evolution 1.8.1
- GNOME Evolution 1.8.2
- GNOME Evolution 1.9.1
- GNOME Evolution 1.9.3
- GNOME Evolution 2.0.0
- GNOME Evolution 2.0.1
- GNOME Evolution 2.0.2
- +2 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-0102, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-0102 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.