PT-2006-3707 · Gnome · Gnome Evolution

Nathan Owens

Published

2006-06-02

Updated

2010-04-02

CVE-2006-2789

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions GNOME Evolution versions 2.2.x through 2.3.x

Description The issue allows remote attackers to cause a denial of service, resulting in a persistent crash. This occurs when the "load images if sender in addressbook" option is enabled and a crafted "From" header is used, triggering an assert error in camel-internet-address.c due to a null pointer.

Recommendations For GNOME Evolution versions 2.2.x through 2.3.x, consider disabling the "load images if sender in addressbook" option as a temporary workaround to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2789

Affected Products

Gnome Evolution

PT-2006-3707 · Gnome · Gnome Evolution

CVE-2006-2789

Related Identifiers

Affected Products

References · 8