The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
| Link | Tags |
|---|---|
| http://www.securityfocus.com/bid/16408 | vdb entry exploit |
| https://usn.ubuntu.com/265-1/ | vendor advisory |
| http://www.novell.com/linux/security/advisories/2006_07_sr.html | vendor advisory |
| http://securityreason.com/securityalert/610 | third party advisory |
| http://www.mandriva.com/security/advisories?name=MDKSA-2006:057 | vendor advisory |
| http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0925.html | mailing list |
| http://secunia.com/advisories/19504 | third party advisory vendor advisory |