DescriptionThe cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SR:2006:007, published Fri, 31 Mar 2006 15:00:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE LINUX 10.0|| |