Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-3354

Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.

Published

2005-11-20T21:03:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

4.9

Impact Score

6.4

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sylpheed	sylpheed	0.8.11	Yes
Application	sylpheed	sylpheed	0.9.4	Yes
Application	sylpheed	sylpheed	0.9.5	Yes
Application	sylpheed	sylpheed	0.9.6	Yes
Application	sylpheed	sylpheed	0.9.7	Yes
Application	sylpheed	sylpheed	0.9.8	Yes
Application	sylpheed	sylpheed	0.9.9	Yes
Application	sylpheed	sylpheed	0.9.10	Yes
Application	sylpheed	sylpheed	0.9.11	Yes
Application	sylpheed	sylpheed	0.9.12	Yes
Application	sylpheed	sylpheed	1.0.0	Yes
Application	sylpheed	sylpheed	1.0.1	Yes
Application	sylpheed	sylpheed	1.0.2	Yes
Application	sylpheed	sylpheed	1.0.3	Yes
Application	sylpheed	sylpheed	1.0.4	Yes
Application	sylpheed	sylpheed	2.0	Yes
Application	sylpheed	sylpheed	2.0.1	Yes
Application	sylpheed	sylpheed	2.0.2	Yes
Application	sylpheed	sylpheed	2.0.3	Yes
Application	sylpheed	sylpheed	2.1	Yes
Application	sylpheed	sylpheed	2.1.1	Yes
Application	sylpheed	sylpheed	2.1.2	Yes
Application	sylpheed	sylpheed	2.1.3	Yes
Application	sylpheed	sylpheed	2.1.4	Yes
Application	sylpheed	sylpheed	2.1.5	Yes

References

http://osvdb.org/20675 ([email protected])
http://secunia.com/advisories/17492 Vendor Advisory ([email protected])
http://secunia.com/advisories/17525/ Vendor Advisory ([email protected])
http://secunia.com/advisories/17540/ Vendor Advisory ([email protected])
http://secunia.com/advisories/17678 Vendor Advisory ([email protected])
http://secunia.com/advisories/17831/ Vendor Advisory ([email protected])
http://sylpheed.good-day.net/en/news.html ([email protected])
http://www.debian.org/security/2005/dsa-906 ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200511-13.xml Patch, Vendor Advisory ([email protected])
http://www.novell.com/linux/security/advisories/2005_28_sr.html ([email protected])
http://www.securityfocus.com/bid/15363 ([email protected])
http://www.vupen.com/english/advisories/2005/2360 Vendor Advisory ([email protected])
http://www.xatrix.org/advisory.php?s=7282 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/23028 ([email protected])
http://osvdb.org/20675 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/17492 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/17525/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/17540/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/17678 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/17831/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://sylpheed.good-day.net/en/news.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-906 (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200511-13.xml Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2005_28_sr.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/15363 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2005/2360 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.xatrix.org/advisory.php?s=7282 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23028 (af854a3a-2127-422b-91ae-364da2661108)