Denial of Service Vulnerability in Evolution Email Client by GNOME
CVE-2006-2789

Currently unrated

Key Information:

Vendor: Gnome
Status: Evolution
Vendor: CVE Published:; 2 June 2006

What is CVE-2006-2789?

The Evolution email client versions 2.2.x and 2.3.x are vulnerable to a denial of service attack when the setting to 'load images if sender in addressbook' is enabled. This allows an attacker to send a specially crafted email with a malicious 'From' header that causes a persistent crash due to a null pointer reference in the camel-internet-address.c module. This vulnerability can lead to disruptions in service and hinder normal email operations for users.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.securityfocus.com/bid/18212

vdb-entryx_refsource_BID

http://bugzilla.gnome.org/show_bug.cgi?id=311440

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2006
Vulnerability Reserved
Jun 2, 2006

Gnome

What is CVE-2006-2789?

References

Timeline