Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 http://marc.theaimsgroup.com/?l=bugtraq&m=110667319720599&w=2 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:024 ------- Bug moved to this database by dkl 2005-03-30 18:31 ------- This bug previously known as bug 2427 at https://bugzilla.fedora.us/ https://bugzilla.fedora.us/show_bug.cgi?id=2427 Originally filed under the Fedora Legacy product and Package request component. Unknown priority P2. Setting to default priority "normal". Unknown platform PC. Setting to default platform "All". Setting qa contact to the default for this product. This bug either had no qa contact or an invalid one.
05.32.11 CVE: CAN-2005-2549, CAN-2005-2550 Platform: Linux Title: GNOME Evolution Multiple Format String Vulnerabilities Description: GNOME Evolution is an email client for the GNOME desktop. Evolution is affected by multiple format string vulnerabilities. Evolution versions 2.3.6.1 and earlier are known to be vulnerable. Ref: http://www.securityfocus.com/bid/14532
Fedora Legacy project has ended. These will not be fixed by Fedora Legacy.