CVE-2006-0528

The cairo library libcairo, as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service persistent client crash via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the...

Buffer overflow

The cairo library libcairo, as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service persistent client crash via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the...

CVE-2006-0528

The cairo library libcairo, as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service persistent client crash via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the...

CVE-2006-0528

The cairo library libcairo, as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service persistent client crash via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the...

CVE-2006-0528

The CVE-2006-0528 entry concerns the cairo library (libcairo) used by GNOME Evolution. Affected component: cairo rendering of email attachments. Root cause: parsing an attachment with a header containing "Content-Disposition: inline" and a very long body line can trigger repeated client crashes, ...

Ximian Evolution < 2.3.8 Inline XML Content-parsing Overflow

Binary data 3388.prm...

GNOME Evolution 2.2.32.3.x - Inline XML File Attachment Buffer Overflow

GNOME Evolution 2.2.32.3.x - Inline XML File Attachment Buffer Overflow source: https://www.securityfocus.com/bid/16408/info GNOME Evolution email client is prone to a denial-of-service vulnerability when processing messages containing inline XML file attachments with excessively long strings. pe...

[Full-disclosure] gnome evolution mail client inline text file DoS issue

i admit, i posted this bug just a short while ago, but since its an anoyance more then a vuln.. i dont really care.. be glad i didnt demo it here : for evolution users anyway so the issue is with text based file attachments with the "Content-Disposition" set to "inline".. if this text file contai...

GNOME Evolution 2.2.3/2.3.x - Inline XML File Attachment Buffer Overflow

source: https://www.securityfocus.com/bid/16408/info GNOME Evolution email client is prone to a denial-of-service vulnerability when processing messages containing inline XML file attachments with excessively long strings. perl -e 'printf "A"x40000' evolution-dos-poc.xml...

Ubuntu 4.10 / 5.04 : tiff vulnerability (USN-156-1)

Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the 'YCbCr subsampling' value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a...

Ubuntu 4.10 / 5.04 : evolution vulnerabilities (USN-166-1)

Ulf Harnhammar disovered several format string vulnerabilities in Evolution. By tricking an user into viewing a specially crafted vCard attached to an email, specially crafted contact data from an LDAP server, specially crafted task lists from remote servers, or saving Calendar entries with this...

Opera may execute command line embedded in URLs

Opera for UNIX uses a wrapper shell script to start up Opera.This shell script reads the input arguments, like the file namesor URLs that Opera is to open. It also performs some environmentchecks, for example whether Java is available and if so, where itis located.This wrapper script can also run...

opera -- command line URL shell command injection

An Opera Advisory reports: Opera for UNIX uses a wrapper shell script to start up Opera. This shell script reads the input arguments, like the file names or URLs that Opera is to open. It also performs some environment checks, for example whether Java is available and if so, where it is located...

SUSE-SA:2005:054: evolution

The remote host is missing the patch for the advisory SUSE-SA:2005:054 evolution. Several format string bugs allowed remote attackers to cause evolution to crash or even execute code via full vCard data, contact data from remote LDAP servers, task list data from remote servers CVE-2005-2549 or...

Mandrake Linux Security Advisory : evolution (MDKSA-2005:141)

Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 full vCard data, 2 contact data from remote LDAP servers, or 3 task list data from remote servers. CVE-2005-2549 A format...

Fedora Core 3 : evolution-2.0.4-2 (2005-255)

There were several security flaws found in the mozilla package, which evolution depends on. Users of evolution are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws. Note that Tenable Network Security has...

Fedora Core 3 : evolution-2.0.4-6 (2005-742)

Fix for SITIC Vulnerability Advisory SA05-001 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Core 3 : evolution-2.0.4-4 (2005-338)

Fri Apr 22 2005 David Malcolm - 2.0.4-4 - Added the correct patch this time - Wed Apr 20 2005 David Malcolm - 2.0.4-3 - Added patch for 155378 CVE-2005-0806 - Updated mozillabuildversion from 1.7.6 to 1.7.7 Note that Tenable Network Security has extracted the preceding description block directly...

RHEL 4 : Evolution (RHSA-2005:267)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:267 advisory. Evolution is the GNOME collection of personal information management PIM tools. A format string bug was found in Evolution. If a user tries t...

evolution security update

CentOS Errata and Security Advisory CESA-2005:267 Updated evolution packages that fix a format string issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management...