Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3354

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-3354
Last Modified 07 Mar 2011 12:00:00
Published 20 Nov 2005 04:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-3354

Summary

Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.

Vulnerable Systems

Application

  • Sylpheed 0.8.11

  • Sylpheed 0.9.10

  • Sylpheed 0.9.11

  • Sylpheed 0.9.12

  • Sylpheed 0.9.4

  • Sylpheed 0.9.5

  • Sylpheed 0.9.6

  • Sylpheed 0.9.7

  • Sylpheed 0.9.8

  • Sylpheed 0.9.9

  • Sylpheed 1.0.0

  • Sylpheed 1.0.1

  • Sylpheed 1.0.2

  • Sylpheed 1.0.3

  • Sylpheed 1.0.4

  • Sylpheed 2.0

  • Sylpheed 2.0.1

  • Sylpheed 2.0.2

  • Sylpheed 2.0.3

  • Sylpheed 2.1

  • Sylpheed 2.1.1

  • Sylpheed 2.1.2

  • Sylpheed 2.1.3

  • Sylpheed 2.1.4

  • Sylpheed 2.1.5


References

GENTOO - GLSA-200511-13

XF - sylpheed-ldif-dos(23028)

FEDORA - FEDORA-2005-1063

VUPEN - ADV-2005-2360

BID - 15363

SUSE - SUSE-SR:2005:028

DEBIAN - DSA-906

CONFIRM - http://sylpheed.good-day.net/en/news.html

SECUNIA - 17831

SECUNIA - 17678

SECUNIA - 17540

SECUNIA - 17525

SECUNIA - 17492

OSVDB - 20675


Last Updated: 27 May 2016 10:40:54