14 matches found
SUSE CVE-2005-0102
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...
Gentoo Security Advisory GLSA 200501-35 (evolution)
The remote host is missing updates announced in advisory GLSA 200501-35. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Ubuntu 4.10 : evolution vulnerability (USN-69-1)
Max Vozeler discovered an integer overflow in camel-lock-helper. An user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server coul...
security flaw
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...
security flaw
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...
GLSA-200501-35 : Evolution: Integer overflow in camel-lock-helper
The remote host is affected by the vulnerability described in GLSA-200501-35 Evolution: Integer overflow in camel-lock-helper Max Vozeler discovered an integer overflow in the camel-lock-helper application, which is installed as setgid mail by default. Impact : A local attacker could exploit this...
CVE-2005-0102
Evolution 2.0.2 and earlier is affected by CVE-2005-0102 due to an integer overflow in camel-lock-helper. A length value of -1 can cause a zero-byte allocation and a buffer overflow, enabling arbitrary code execution by local users or remote malicious POP3 servers. The issue is cited across multi...
Novell Evolution groupware client integer overflow vulnerability
Buffer overflow in camel-lock-helper application...
[ GLSA 200501-35 ] Evolution: Integer overflow in camel-lock-helper
Gentoo Linux Security Advisory GLSA 200501-35 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
USN-69-1: Evolution vulnerability
Max Vozeler discovered an integer overflow in camel-lock-helper. An user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server coul...
CVE-2005-0102
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...
DEBIAN-CVE-2005-0102
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...
PT-2005-1210 · Evolution +1 · Evolution +1
Name of the Vulnerable Software and Affected Versions: Evolution versions 2.0.2 and earlier Description: The issue allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1. This leads to a zero byte memory allocation and a buffer overflow in the...
evolution -- arbitrary code execution vulnerability
Martin Joey Schulze reports: Max Vozeler discovered an integer overflow in the helper application camel-lock-helper which runs setuid root or setgid mail inside of Evolution, a free groupware suite. A local attacker can cause the setuid root helper to execute arbitrary code with elevated privileg...