Vulnerabilities > Gnome > Evolution > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-06-15 CVE-2018-12422 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Evolution
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function.
network
low complexity
gnome CWE-119
critical
9.8
2009-08-03 CVE-2009-2404 Buffer Errors vulnerability in Mozilla Network Security Services 3.12.3
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function.
network
mozilla aol gnome pidgin CWE-119
critical
9.3
2008-06-04 CVE-2008-1109 Buffer Errors vulnerability in Gnome Evolution 2.22.1
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
network
gnome CWE-119
critical
9.3
2005-01-24 CVE-2005-0102 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
network
low complexity
gnome debian CWE-190
critical
9.8