First published: Mon Mar 07 2005(Updated: )
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sylpheed | =0.8.11 | |
Sylpheed | =0.9.4 | |
Sylpheed | =0.9.5 | |
Sylpheed | =0.9.6 | |
Sylpheed | =0.9.7 | |
Sylpheed | =0.9.8 | |
Sylpheed | =0.9.9 | |
Sylpheed | =0.9.10 | |
Sylpheed | =0.9.11 | |
Sylpheed | =0.9.12 | |
Sylpheed | =0.9.99 | |
Sylpheed | =1.0.0 | |
Sylpheed | =1.0.1 | |
Sylpheed | =1.0.2 | |
Claws-Mail | =1.0.2 | |
ALT Linux | =2.3 | |
ALT Linux | =2.3 | |
Gentoo Linux | ||
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Fedora Core | =core_3.0 | |
Red Hat Linux Advanced Workstation | =2.1 | |
Red Hat Linux Advanced Workstation | =2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2005-0667 is considered a critical vulnerability due to its potential to allow remote code execution.
To fix CVE-2005-0667, upgrade Sylpheed to version 1.0.3 or later.
CVE-2005-0667 affects Sylpheed versions prior to 1.0.3 and all versions before 1.9.5.
CVE-2005-0667 enables remote attackers to execute arbitrary code via specially crafted email messages.
As a workaround for CVE-2005-0667, users can avoid opening untrusted email messages or disable automatic replies.