Vulnerability Name: | CVE-2005-3354 (CCN-23028) | ||||||||||||||||
Assigned: | 2005-11-09 | ||||||||||||||||
Published: | 2005-11-09 | ||||||||||||||||
Updated: | 2017-07-11 | ||||||||||||||||
Summary: | Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines. | ||||||||||||||||
CVSS v3 Severity: | 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||
CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
| ||||||||||||||||
Vulnerability Type: | CWE-119 | ||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2005-3354 Source: OSVDB Type: UNKNOWN 20675 Source: CCN Type: SA17492 Sylpheed LDIF Import Buffer Overflow Vulnerability Source: SECUNIA Type: Vendor Advisory 17492 Source: SECUNIA Type: Vendor Advisory 17525 Source: SECUNIA Type: Vendor Advisory 17540 Source: SECUNIA Type: Vendor Advisory 17678 Source: SECUNIA Type: Vendor Advisory 17831 Source: CCN Type: Sylpheed Web site Sylpheed- a GTK+ based, lightweight, and fast e-mail client - Source: CONFIRM Type: UNKNOWN http://sylpheed.good-day.net/en/news.html Source: CCN Type: Slypheed Download Upgrade for v1.0 Index of /sylpheed/v1.0 Source: CCN Type: Slypheed Download Upgrade for v2.0 Index of /sylpheed/v2.0 Source: DEBIAN Type: UNKNOWN DSA-906 Source: DEBIAN Type: DSA-906 sylpheed -- buffer overflows Source: DEBIAN Type: DSA-908 sylpheed-claws -- buffer overflows Source: CCN Type: GLSA-200511-13 Sylpheed, Sylpheed-Claws: Buffer overflow in LDIF importer Source: GENTOO Type: Patch, Vendor Advisory GLSA-200511-13 Source: SUSE Type: UNKNOWN SUSE-SR:2005:028 Source: CCN Type: OSVDB ID: 20675 Sylpheed Address Book LDIF Import Overflow Source: BID Type: UNKNOWN 15363 Source: CCN Type: BID-15363 Sylpheed LDIF Import Remote Buffer Overflow Vulnerability Source: VUPEN Type: Vendor Advisory ADV-2005-2360 Source: FEDORA Type: UNKNOWN FEDORA-2005-1063 Source: XF Type: UNKNOWN sylpheed-ldif-dos(23028) Source: XF Type: UNKNOWN sylpheed-ldif-dos(23028) Source: SUSE Type: SUSE-SR:2005:028 SUSE Security Summary Report | ||||||||||||||||
Vulnerable Configuration: | Configuration 1:![]() | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |