http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3354 Probably fixed in 1.9.100 in FC4+, but probably unfixed in FC-3's 1.0.5. Potential fix from Gentoo's CVS: http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/mail-client/sylpheed-claws/files/ldif-buffer-overflow-fix.diff
thanks for the heads up