CVE-2006-0528
GNOME Evolution - Denial of Service via Long Line in Inline Text Attachment
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-0528. PoCs published by Mike Davis.
AI-analyzed exploit summary This exploit generates a large XML file to trigger a denial-of-service vulnerability in GNOME Evolution when processing inline XML attachments with excessively long strings.
Description
The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
Exploits (1)
This exploit generates a large XML file to trigger a denial-of-service vulnerability in GNOME Evolution when processing inline XML attachments with excessively long strings.