Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0667

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-0667
Last Modified 05 Sep 2008 04:46:57
Published 07 Mar 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-0667

Summary

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.

Vulnerable Systems

Operating System

  • Altlinux Alt Linux 2.3

  • Gentoo Linux

  • Redhat Enterprise Linux 2.1

  • Redhat Fedora Core Core 3.0

  • Redhat Linux Advanced Workstation 2.1

Application

  • Sylpheed 0.8.11

  • Sylpheed 0.9.10

  • Sylpheed 0.9.11

  • Sylpheed 0.9.12

  • Sylpheed 0.9.4

  • Sylpheed 0.9.5

  • Sylpheed 0.9.6

  • Sylpheed 0.9.7

  • Sylpheed 0.9.8

  • Sylpheed 0.9.9

  • Sylpheed 0.9.99

  • Sylpheed 1.0.0

  • Sylpheed 1.0.1

  • Sylpheed 1.0.2

  • Sylpheed-claws 1.0.2


References

REDHAT - RHSA-2005:303

GENTOO - GLSA-200503-26

CONFIRM - http://sylpheed.good-day.net/changelog.html.en

CONFIRM - http://sylpheed.good-day.net/changelog-devel.html.en

SECUNIA - 14491

SECTRACK - 1013376


Last Updated: 27 May 2016 10:39:53