Unrated severityNVD Advisory· Published Feb 2, 2006· Updated Apr 16, 2026

CVE-2006-0528

Description

The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.

Affected products

GNOME Foundation/Evolution8 versions
cpe:2.3:a:gnome:evolution:2.3.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:gnome:evolution:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/16408nvdExploit
secunia.com/advisories/19504nvdVendor Advisory
www.novell.com/linux/security/advisories/2006_07_sr.htmlnvdVendor Advisory
archives.neohapsis.com/archives/fulldisclosure/2006-01/0925.htmlnvd
securityreason.com/securityalert/610nvd
www.mandriva.com/security/advisoriesnvd
usn.ubuntu.com/265-1/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000