CVE-2006-0528 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2006-0528 Interim 1 6 2022-12-09T02:14:45Z current 2021-05-30T12:34:52Z 2022-12-09T02:14:45Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2006-0528 The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2006-03/msg00019.html E-Mail link for SUSE-SR:2006:007 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4 LTSS openSUSE Tumbleweed cairo-devel-1.16.0-3.14 cairo-devel-32bit-1.16.0-3.14 cairo-tools-1.16.0-3.14 firefox-cairo libcairo-gobject2-1.16.0-3.14 libcairo-gobject2-32bit-1.16.0-3.14 libcairo-script-interpreter2-1.16.0-3.14 libcairo-script-interpreter2-32bit-1.16.0-3.14 libcairo2-1.16.0-3.14 libcairo2-32bit-1.16.0-3.14 cairo-devel-1.16.0-3.14 as a component of openSUSE Tumbleweed cairo-devel-32bit-1.16.0-3.14 as a component of openSUSE Tumbleweed cairo-tools-1.16.0-3.14 as a component of openSUSE Tumbleweed libcairo-gobject2-1.16.0-3.14 as a component of openSUSE Tumbleweed libcairo-gobject2-32bit-1.16.0-3.14 as a component of openSUSE Tumbleweed libcairo-script-interpreter2-1.16.0-3.14 as a component of openSUSE Tumbleweed libcairo-script-interpreter2-32bit-1.16.0-3.14 as a component of openSUSE Tumbleweed libcairo2-1.16.0-3.14 as a component of openSUSE Tumbleweed libcairo2-32bit-1.16.0-3.14 as a component of openSUSE Tumbleweed firefox-cairo as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata firefox-cairo as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata firefox-cairo as a component of SUSE Linux Enterprise Server 11 SP4 LTSS The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment. CVE-2006-0528 openSUSE Tumbleweed:cairo-devel-1.16.0-3.14 openSUSE Tumbleweed:cairo-devel-32bit-1.16.0-3.14 openSUSE Tumbleweed:cairo-tools-1.16.0-3.14 openSUSE Tumbleweed:libcairo-gobject2-1.16.0-3.14 openSUSE Tumbleweed:libcairo-gobject2-32bit-1.16.0-3.14 openSUSE Tumbleweed:libcairo-script-interpreter2-1.16.0-3.14 openSUSE Tumbleweed:libcairo-script-interpreter2-32bit-1.16.0-3.14 openSUSE Tumbleweed:libcairo2-1.16.0-3.14 openSUSE Tumbleweed:libcairo2-32bit-1.16.0-3.14 SUSE Linux Enterprise Server 11 SP1 for Teradata:firefox-cairo SUSE Linux Enterprise Server 11 SP3 for Teradata:firefox-cairo SUSE Linux Enterprise Server 11 SP4 LTSS:firefox-cairo important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P