CVE-2005-0102
published 2005-01-24CVE-2005-0102: Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | evolution | < evolution 2.0.3-1.2 (bookworm) | evolution 2.0.3-1.2 (bookworm) |
| gnome | evolution | <= 2.0.2 | — |
| gnome | evolution | >= 0 < 2.0.3-1.2 | 2.0.3-1.2 |
| gnome | evolution | >= 0 < 2.0.3-1.2 | 2.0.3-1.2 |
| gnome | evolution | >= 0 < 2.0.3-1.2 | 2.0.3-1.2 |
| gnome | evolution | >= 0 < 2.0.3-1.2 | 2.0.3-1.2 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL