Denial of Service Vulnerability in Cairo Library for GNOME Evolution
CVE-2006-0528

Currently unrated

Key Information:

Vendor

Gnome
Status
Evolution
Vendor
CVE Published:
2 February 2006

What is CVE-2006-0528?

The cairo library, utilized in applications like GNOME Evolution, is susceptible to a denial of service attack stemming from a specially crafted text file. This file contains a header with 'Content-Disposition: inline' and a lengthy body that can trigger persistent crashes in the client. As a result, users experience repeated failures unless the problematic email is manually deleted. This behavior may be linked to a buffer overflow, exemplified by manipulating XML attachments.

References

http://www.securityfocus.com/bid/16408
vdb-entryx_refsource_BID
https://usn.ubuntu.com/265-1/
vendor-advisoryx_refsource_UBUNTU
http://www.novell.com/linux/security/advisories/2006_07_s...
vendor-advisoryx_refsource_SUSE

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.