CVE-2005-0102

9.8 CRITICAL

Published: January 24, 2005 Modified: April 16, 2026

Description

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925

Source: cve@mitre.org

Broken Link Patch Vendor Advisory

http://secunia.com/advisories/13830

Source: cve@mitre.org

Broken Link

http://security.gentoo.org/glsa/glsa-200501-35.xml

Source: cve@mitre.org

Third Party Advisory

http://securitytracker.com/id?1012981

Source: cve@mitre.org

Broken Link Third Party Advisory VDB Entry

http://www.debian.org/security/2005/dsa-673

Source: cve@mitre.org

Mailing List Patch Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:024

Source: cve@mitre.org

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2005-238.html

Source: cve@mitre.org

Broken Link

http://www.redhat.com/support/errata/RHSA-2005-397.html

Source: cve@mitre.org

Broken Link Patch Vendor Advisory

http://www.securityfocus.com/bid/12354

Source: cve@mitre.org

Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19031

Source: cve@mitre.org

Third Party Advisory VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616

Source: cve@mitre.org

Broken Link

https://usn.ubuntu.com/69-1/

Source: cve@mitre.org

Broken Link

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925