CVE-2006-2789

Evolution 2.2.x/2.3.x on GNOME 2.7/2.8 is affected. When the option “load images if sender in addressbook” is enabled, a crafted From header can trigger an assert in camel-internet-address.c using a null pointer, causing a persistent crash (denial of service). This vulnerability is evidenced acro...

FreeBSD : opera -- command line URL shell command injection (dfc1daa8-61de-11da-b64c-0001020eed82)

An Opera Advisory reports : Opera for UNIX uses a wrapper shell script to start up Opera. This shell script reads the input arguments, like the file names or URLs that Opera is to open. It also performs some environment checks, for example whether Java is available and if so, where it is located...

FreeBSD : evolution -- remote format string vulnerabilities (e5afdf63-1746-11da-978e-0001020eed82)

A SITIC Vulnerability Advisory reports : Evolution suffers from several format string bugs when handling data from remote sources. These bugs lead to crashes or the execution of arbitrary assembly language code. - The first format string bug occurs when viewing the full vCard data attached to an...

USN-265-1: cairo/Evolution library vulnerability

When rendering glyphs, the cairo graphics rendering library did not check the maximum length of character strings. A request to display an excessively long string with cairo caused a program crash due to an X library error. Mike Davis discovered that this could be turned into a Denial of Service...

[SECURITY] [DSA 1016-1] New evolution packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1016-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1016-1] New evolution packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1016-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...

DSA-1016-1 evolution - format string vulnerabilities

Bulletin has no description...

[ MDKSA-2006:057 ] - Updated cairo packages to address Evolution DoS vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:057 http://www.mandriva.com/security/ Package : cairo Date : March 20, 2006 Affected: 2006.0 Problem Description: GNOME Evolution allows remote attackers to cause a denial of service persistent client crash...

Gnome Evolution mail client DoS

Inline text attachment with oversized string causes application to hang...

Code injection

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

CVE-2006-0040

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

CVE-2006-0040

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

CVE-2006-0040

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

DEBIAN-CVE-2006-0040

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

CVE-2006-0040

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

CVE-2006-0040

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

CVE-2006-0040

CVE-2006-0040 affects GNOME Evolution 2.4.2.1 and earlier. A remote attacker can trigger a denial of service by sending a text email containing a very large number of URLs, leading to increased CPU and memory usage. The root cause is noted as potentially related to gtkhtml, but the exact flaw is ...

Evolution mail agent DoS

Large plain text message with large number of URL causes application to hang...

Evolution Emailer DoS

About 7 weeks ago an automated mailing list spewed a large but valid email containing a lot of URLS and other formatting. When this email is fed into evolution the behaviour it causes leads evolution to expand dramatically in size and eat vast amounts of CPU time. If you've got a lot of patience...

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The GNU TLS Library provides support for cryptographic algorithms and protocols such as TLS. GN...