CVE-2005-3354
sylpheed-claws - buffer overflows
EPSS 1.4%
Description
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
How to fix CVE-2005-3354
To remediate CVE-2005-3354, upgrade the affected package to a fixed version below.
- Debian/sylpheed—upgrade to 2.0.4-1 or later
- Debian/sylpheed—upgrade to 0.7.4-4woody1 or later
- Debian/sylpheed-claws—upgrade to 0.7.4claws-3woody1 or later
Is CVE-2005-3354 being exploited?
Low — EPSS is 1.4%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 2.0.4-1
- from 0, < 0.7.4-4woody1
- from 0, < 0.7.4claws-3woody1