CVE-2006-0528 - Buffer Overflow vulnerability in GNOME Evolution Inline XML File Attachment
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |
Summary
The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 8 |
Exploit-Db
description | GNOME Evolution 2.2.3/2.3.x Inline XML File Attachment Buffer Overflow Vulnerability. CVE-2006-0528. DoS exploit for Linux platform |
id | EDB-ID:27145 |
last seen | 2016-02-03 |
modified | 2006-01-28 |
published | 2006-01-28 |
reporter | Mike Davis |
source | https://www.exploit-db.com/download/27145/ |
title | GNOME Evolution 2.2.3/2.3.x Inline XML File Attachment Buffer Overflow Vulnerability |
Nessus
NASL family | Ubuntu Local Security Checks |
NASL id | UBUNTU_USN-265-1.NASL |
description | When rendering glyphs, the cairo graphics rendering library did not check the maximum length of character strings. A request to display an excessively long string with cairo caused a program crash due to an X library error. Mike Davis discovered that this could be turned into a Denial of Service attack in Evolution. An email with an attachment with very long lines caused Evolution to crash repeatedly until that email was manually removed from the mail folder. This only affects Ubuntu 5.10. Previous Ubuntu releases did not use libcairo for text rendering. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21151 |
published | 2006-03-27 |
reporter | Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21151 |
title | Ubuntu 5.10 : libcairo vulnerability (USN-265-1) |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRAKE_MDKSA-2006-057.NASL |
description | GNOME Evolution allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21115 |
published | 2006-03-21 |
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21115 |
title | Mandrake Linux Security Advisory : cairo (MDKSA-2006:057) |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0925.html
- http://secunia.com/advisories/19504
- http://securityreason.com/securityalert/610
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:057
- http://www.novell.com/linux/security/advisories/2006_07_sr.html
- http://www.securityfocus.com/bid/16408
- https://usn.ubuntu.com/265-1/