CVE-2005-0667: Buffer Overflow
First published: Mon Mar 07 2005(Updated: )
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sylpheed | =0.8.11 | |
| Sylpheed | =0.9.4 | |
| Sylpheed | =0.9.5 | |
| Sylpheed | =0.9.6 | |
| Sylpheed | =0.9.7 | |
| Sylpheed | =0.9.8 | |
| Sylpheed | =0.9.9 | |
| Sylpheed | =0.9.10 | |
| Sylpheed | =0.9.11 | |
| Sylpheed | =0.9.12 | |
| Sylpheed | =0.9.99 | |
| Sylpheed | =1.0.0 | |
| Sylpheed | =1.0.1 | |
| Sylpheed | =1.0.2 | |
| Claws-Mail | =1.0.2 | |
| ALT Linux | =2.3 | |
| ALT Linux | =2.3 | |
| Gentoo Linux | ||
| Red Hat Enterprise Linux | =2.1 | |
| Red Hat Enterprise Linux | =2.1 | |
| Red Hat Enterprise Linux | =2.1 | |
| Red Hat Enterprise Linux | =2.1 | |
| Red Hat Enterprise Linux | =2.1 | |
| Red Hat Enterprise Linux | =2.1 | |
| Red Hat Fedora Core | =core_3.0 | |
| Red Hat Linux Advanced Workstation | =2.1 | |
| Red Hat Linux Advanced Workstation | =2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0667?
CVE-2005-0667 is considered a critical vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2005-0667?
To fix CVE-2005-0667, upgrade Sylpheed to version 1.0.3 or later.
Which versions of Sylpheed are affected by CVE-2005-0667?
CVE-2005-0667 affects Sylpheed versions prior to 1.0.3 and all versions before 1.9.5.
What type of attack does CVE-2005-0667 enable?
CVE-2005-0667 enables remote attackers to execute arbitrary code via specially crafted email messages.
Is there a workaround for CVE-2005-0667?
As a workaround for CVE-2005-0667, users can avoid opening untrusted email messages or disable automatic replies.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/sylpheed
- canonical/sylpheed
- version/sylpheed/0.8.11
- version/sylpheed/0.9.4
- version/sylpheed/0.9.5
- version/sylpheed/0.9.6
- version/sylpheed/0.9.7
- version/sylpheed/0.9.8
- version/sylpheed/0.9.9
- version/sylpheed/0.9.10
- version/sylpheed/0.9.11
- version/sylpheed/0.9.12
- version/sylpheed/0.9.99
- version/sylpheed/1.0.0
- version/sylpheed/1.0.1
- version/sylpheed/1.0.2
- vendor/sylpheed-claws
- canonical/claws-mail
- version/claws-mail/1.0.2
- vendor/altlinux
- canonical/alt linux
- version/alt linux/2.3
- vendor/gentoo
- canonical/gentoo linux
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/2.1
- canonical/red hat fedora core
- version/red hat fedora core/core_3.0
- canonical/red hat linux advanced workstation
- version/red hat linux advanced workstation/2.1