Buffer Overflow Vulnerability in GNOME Evolution's Evolution-Data-Server
CVE-2018-12422
9.8 CRITICAL
What is CVE-2018-12422?
A vulnerability was identified in the LDAP backend of Evolution-Data-Server, which is used by GNOME Evolution. The flaw is a potential buffer overflow triggered by long queries that are processed through the strcat function. The software maintainer argues that the code computes the required string length and allocates sufficient heap memory, but the risk of manipulation remains. This could allow unauthorized users to execute unintended actions, so updating to a secure version is important to mitigate the risk.

References
CVSS V3.1
Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved