SUSE CVE-2005-0102

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

Gentoo Security Advisory GLSA 200501-35 (evolution)

The remote host is missing updates announced in advisory GLSA 200501-35. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Ubuntu 4.10 : evolution vulnerability (USN-69-1)

Max Vozeler discovered an integer overflow in camel-lock-helper. An user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server coul...

security flaw

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

security flaw

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

GLSA-200501-35 : Evolution: Integer overflow in camel-lock-helper

The remote host is affected by the vulnerability described in GLSA-200501-35 Evolution: Integer overflow in camel-lock-helper Max Vozeler discovered an integer overflow in the camel-lock-helper application, which is installed as setgid mail by default. Impact : A local attacker could exploit this...

CVE-2005-0102

Evolution 2.0.2 and earlier is affected by CVE-2005-0102 due to an integer overflow in camel-lock-helper. A length value of -1 can cause a zero-byte allocation and a buffer overflow, enabling arbitrary code execution by local users or remote malicious POP3 servers. The issue is cited across multi...

[ GLSA 200501-35 ] Evolution: Integer overflow in camel-lock-helper

Gentoo Linux Security Advisory GLSA 200501-35 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

Novell Evolution groupware client integer overflow vulnerability

Buffer overflow in camel-lock-helper application...

USN-69-1: Evolution vulnerability

Max Vozeler discovered an integer overflow in camel-lock-helper. An user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server coul...

CVE-2005-0102

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

DEBIAN-CVE-2005-0102

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

PT-2005-1210 · Evolution +1 · Evolution +1

Name of the Vulnerable Software and Affected Versions: Evolution versions 2.0.2 and earlier Description: The issue allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1. This leads to a zero byte memory allocation and a buffer overflow in the...

evolution -- arbitrary code execution vulnerability

Martin Joey Schulze reports: Max Vozeler discovered an integer overflow in the helper application camel-lock-helper which runs setuid root or setgid mail inside of Evolution, a free groupware suite. A local attacker can cause the setuid root helper to execute arbitrary code with elevated privileg...