Novell Evolution groupware client integer overflow vulnerability

Buffer overflow in camel-lock-helper application...

[ GLSA 200501-35 ] Evolution: Integer overflow in camel-lock-helper

Gentoo Linux Security Advisory GLSA 200501-35 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVE-2005-0102

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

DEBIAN-CVE-2005-0102

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

CVE-2005-0102

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

PT-2005-1210 · Evolution +1 · Evolution +1

Name of the Vulnerable Software and Affected Versions: Evolution versions 2.0.2 and earlier Description: The issue allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1. This leads to a zero byte memory allocation and a buffer overflow in the...

evolution -- arbitrary code execution vulnerability

Martin Joey Schulze reports: Max Vozeler discovered an integer overflow in the helper application camel-lock-helper which runs setuid root or setgid mail inside of Evolution, a free groupware suite. A local attacker can cause the setuid root helper to execute arbitrary code with elevated privileg...

CVE-2002-1471

The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack...

CVE-2002-1471

The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack...

CVE-2002-1471

The CVE-2002-1471 issue concerns the camel component used by Ximian Evolution 1.0.x and earlier. It does not verify TLS/SSL certificates when establishing a new SSL connection after an initial verification, which could allow remote attackers to perform a man-in-the-middle attack to monitor or mod...

Ximian Evolution < 1.1.1 camel Component Man-in-the-Middle SSL Session Weakness

Binary data 1306.prm...

Ximian Evolution < 1.2.3 MIME image/* Content-Type Data Injection

Binary data 1308.prm...

Ximian Evolution < 1.2.3 UUEncoding Overflow DoS / Data Injection

Binary data 1307.prm...

Mandrake Linux Security Advisory : gtkhtml (MDKSA-2003:046)

A vulnerability in GtkHTML was discovered by Alan Cox with the Evolution email client. GtkHTML is used to handle HTML messages in Evolution and certain malformed messages could cause Evolution to crash due to this bug. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Mandrake Linux Security Advisory : evolution (MDKSA-2003:045)

Several vulnerabilities were discovered in the Evolution email client. These problems make it possible for a carefully constructed email message to crash the program, causing general system instability by starving resources. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...

MDKSA-2004:020 - Updated gdk-pixbuf packages fix BMP-handling vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: gdk-pixbuf Advisory ID: MDKSA-2004:020 Date: March 10th, 2004 Affected versions: Corporate Server 2.1 Problem Description: A vulnerability in gdk-pixbuf versions before 0.20 exists that could allow ...

Important: Red Hat Security Advisory: : Updated gdk-pixbuf packages fix denial of service vulnerability

Updated gdk-pixbuf packages that fix a denial of service vulnerability that could affect applications such as Evolution are now available. The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. In Red Hat Linux 9 this library is used by applications,...

DEBIAN-CVE-2003-0296

The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors...

CVE-2003-0296

The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors...

CVE-2003-0296

The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors...