Vulnerability Details : CVE-2005-0102
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2005-0102
- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-0102
- 0.60%: probability of exploitation activity in the next 30 days
- ~67%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-0102
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 2024-02-08 |
CWE ids for CVE-2005-0102
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. Assigned by: nvd@nist.gov (Primary)
References for CVE-2005-0102
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616
  404 Not Found (Broken Link)
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:024
  Advisories - Mandriva Linux (Third Party Advisory)
- http://www.securityfocus.com/bid/12354
  (Broken Link; Patch; Third Party Advisory; VDB Entry; Vendor Advisory)
- http://secunia.com/advisories/13830
  About Secunia Research | Flexera (Broken Link)
- http://security.gentoo.org/glsa/glsa-200501-35.xml
  Evolution: Integer overflow in camel-lock-helper (GLSA 200501-35) — Gentoo security (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2005-397.html
  Support (Broken Link; Patch; Vendor Advisory)
- https://usn.ubuntu.com/69-1/
  404: Page not found | Ubuntu (Broken Link)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19031
  Ximian Evolution camel-lock-helper buffer overflow CVE-2005-0102 Vulnerability Report (Third Party Advisory; VDB Entry)
- http://www.debian.org/security/2005/dsa-673
  [SECURITY] [DSA 673-1] New evolution packages fix arbitrary code execution as root (Mailing List; Patch; Third Party Advisory)
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925
  CONECTIVA | Reviews of the Best Online Products (#10 Best) (Broken Link; Patch; Vendor Advisory)
- http://www.redhat.com/support/errata/RHSA-2005-238.html
  Support (Broken Link)
- http://securitytracker.com/id?1012981
  GoDaddy Domain Name Search (Broken Link; Third Party Advisory; VDB Entry)