Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gnome Evolution数据服务器负数SEQUENCE数组索引漏洞
Vulnerability Description
Evolution是GNOME项目的一套用于Linux下Gnome桌面环境的邮件客户端程序。该程序提供Email、日历、会议安排、联系人管理等功能。 Evolution在处理畸形的IMAP服务器返回信息时存在漏洞,远程攻击者可能利用此漏洞控制用户机器。 Evolution的camel/providers/imap/camel-imap-folder.c文件中imap_rescan()函数没有正确地过滤SEQUENCE值便将其用到了索引数组中。SEQUENCE值是通过strtol从字符串转换的,可能为负值,
CVSS Information
N/A
Vulnerability Type
N/A