CVE-2006-2789
Evolution 2.2.x and 2.3.x - Denial of Service via Crafted From Header
Title source: llmDescription
Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used.
References (4)
Core 4
Core References
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:094
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18212
Issue Tracking x_refsource_confirm
http://bugzilla.gnome.org/show_bug.cgi?id=311440
Issue Tracking x_refsource_confirm
http://bugzilla.gnome.org/show_bug.cgi?id=309453
Scores
EPSS
0.0079
EPSS Percentile
74.0%
Details
Status
published
Products (8)
gnome/evolution
2.3.1
gnome/evolution
2.3.2
gnome/evolution
2.3.3
gnome/evolution
2.3.4
gnome/evolution
2.3.5
gnome/evolution
2.3.6
gnome/evolution
2.3.6.1
gnome/evolution
2.3.7
Published
Jun 02, 2006
Tracked Since
Feb 18, 2026