CyberSec.Space Logo
Back to CVE Browser

CVE-2005-0102

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile39.98th
PublishedJan 24, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Gnome

Evolution

<= 2.0.2
πŸ’»
Debian

Debian Linux

= 3.0

References & Advisories

πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925
πŸ”— http://secunia.com/advisories/13830
πŸ”— http://security.gentoo.org/glsa/glsa-200501-35.xml
πŸ”— http://securitytracker.com/id?1012981
πŸ”— http://www.debian.org/security/2005/dsa-673
πŸ”— http://www.mandriva.com/security/advisories?name=MDKSA-2005:024
πŸ”— http://www.redhat.com/support/errata/RHSA-2005-238.html
πŸ”— http://www.redhat.com/support/errata/RHSA-2005-397.html

Related Vulnerabilities

CVE-2008-353310.0

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows re...

CVE-2021-435279.8

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded D...

CVE-2020-121339.8

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.fac...

CVE-2016-107279.8

camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with clear...