CVE-2006-0528
PUBLISHED
CVSS 5 MEDIUM
The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
EPSS 5.11% · 90.0th percentile
Risk Scores
- CVSS 2.0: 5
- EPSS Score: 5.11% (90.0th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| gnome | evolution | 2.3.1, 2.3.2, 2.3.4 |
Exploit Intelligence
- 16408 (circl)
- USN-265-1 (circl)
- SUSE-SR:2006:007 (circl)
- 610 (circl)
- MDKSA-2006:057 (circl)
- 20060128 gnome evolution mail client inline text file DoS issue (circl)
- 19504 (circl)
Timeline
- Feb 2, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 9, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 16408 vdb
- USN-265-1 vendor-advisory
- SUSE-SR:2006:007 vendor-advisory
- 610 third-party-advisory
- MDKSA-2006:057 vendor-advisory
- 20060128 gnome evolution mail client inline text file DoS issue mailing-list
- 19504 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2006-0528 advisory
- https://usn.ubuntu.com/265-1 url