CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-0102

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile39.98th
Published2005年1月24日
Last Modified2026年4月16日

Vulnerability Description

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

Affected Platforms (CPE)

📦
Gnome

Evolution

<= 2.0.2
💻
Debian

Debian Linux

= 3.0

References & Advisories

🔗 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925
🔗 http://secunia.com/advisories/13830
🔗 http://security.gentoo.org/glsa/glsa-200501-35.xml
🔗 http://securitytracker.com/id?1012981
🔗 http://www.debian.org/security/2005/dsa-673
🔗 http://www.mandriva.com/security/advisories?name=MDKSA-2005:024
🔗 http://www.redhat.com/support/errata/RHSA-2005-238.html
🔗 http://www.redhat.com/support/errata/RHSA-2005-397.html

相關漏洞威脅

CVE-2008-353310.0

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows re...

CVE-2021-435279.8

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded D...

CVE-2020-121339.8

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.fac...

CVE-2016-107279.8

camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with clear...