Page History

[CVE-2009-0587|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0587] results from a violation of this rule. Before version 2.24.5, Evolution Data Server performed unchecked arithmetic operations on the length of a user-input string and used the value to allocate space for a new buffer. Thus, an attacker could execute arbitrary code by inputting a long string, resulting in incorrect allocation and buffer overflow \[[xorl 2009|AA. C References#xorl 2009-0587http://xorl.wordpress.com/2009/06/10/cve-2009-0587-evolution-data-server-base64-integer-overflows/]\].

\[[Coverity 07|AA. C References#Coverity 07]\]
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.20.3, "Memory Management Functions"
\[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "XYB Buffer Overflow in Heap"
\[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 190|http://cwe.mitre.org/data/definitions/190.html], "Integer Overflow (Wrap or Wraparound)," and [CWE ID 131|http://cwe.mitre.org/data/definitions/131.html], "Incorrect Calculation of Buffer Size"
\[[Seacord 05|AA. C References#Seacord 05]\] Chapter 4, "Dynamic Memory Management," and Chapter 5, "Integer Security"
\[[xorl 2009|AA. C References#xorl 2009-0587]\] ["CVE-2009-0587: Evolution Data Server Base64 Integer Overflows"|http://xorl.wordpress.com/2009/06/10/cve-2009-0587-evolution-data-server-base64-integer-overflows/]