Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2006-0528

Publication date 2 February 2006

Last updated 24 July 2024

Ubuntu priority

Unknown

Why this priority?

The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.

Status

Package Ubuntu Release Status
evolution 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected
libcairo 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Fixed 1.0.4-0ubuntu1

References

Related Ubuntu Security Notices (USN)

    • USN-265-1
    • cairo/Evolution library vulnerability
    • 23 March 2006

Other references