CVE-2006-2789 — Evolution vulnerability

6 documents, 6 sources
Severity
2.6 LOW (NVD)
EPSS
0.8%
top 26.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jun 2
Latest update: May 1

Description

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used.

CVSS vector

AV:N/AC:H/C:N/I:N/A:P
Exploitability: 4.9 | Impact: 2.9

Affected Packages (2 packages)

Debian: gnome/evolution < 2.4.0-1 +3
NVD: gnome/evolution, 8 versions +7

🔴 Vulnerability Details (3)

GHSA
GHSA-8wv6-gwv3-gfpm: Evolution 2 (2022-05-01)
CVEList
CVE-2006-2789: Evolution 2 (2006-06-02)
OSV
CVE-2006-2789: Evolution 2 (2006-06-02)

📋 Vendor Advisories (2)

Debian
CVE-2006-2789: evolution - Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in a... (2006)
Red Hat
CVE-2006-2789: Evolution 2