CVE-2018-12422 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Evolution
Severity
9.8CRITICALNVD
EPSS
0.5%
top 33.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 15
Latest updateMay 14
Description
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because "the code had computed the required string length first, and then allocated a large-enough buffer on the heap.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages2 packages
Patches
🔴Vulnerability Details
3📋Vendor Advisories
2💬Community
2Bugzilla▶
CVE-2018-12422 evolution-data-server: Unsafe use of strcat allows buffer overflow in addressbook/backends/ldap/e-book-backend-ldap.c [fedora-all]↗2018-06-19
Bugzilla▶
CVE-2018-12422 evolution-data-server: Unsafe use of strcat allows buffer overflow in addressbook/backends/ldap/e-book-backend-ldap.c↗2018-06-19