A vulnerability has been reported in Sylpheed that can potentially be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a boundary error in the "ldif_get_line()" function in "ldif.c" when importing an LDIF file into the address book. This can be exploited to cause a stack-based buffer overflow and may allow arbitrary code execution via a specially crafted LDIF file with more than 2048 characters in a single line.
Successful exploitation requires that the user is, for example, tricked into importing a malicious LDIF file.
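As an added illustration of the missing bounds check (this is not Sylpheed's code or its fix), the sketch below reads LDIF lines into a fixed stack buffer and rejects over-long lines instead of writing past the end. The names `read_line_bounded`, `scan_ldif_text` and `LDIF_LINE_CAP` are hypothetical, the 2048-byte size is assumed from the threshold in the advisory, and the input is constructed.

```c
#include <stdio.h>
#include <string.h>
#define LDIF_LINE_CAP 2048  /* assumed size, from the advisory's 2048-character threshold */

/* Hypothetical bounded reader, not Sylpheed's ldif_get_line().
 * Returns 1 = line read, 0 = end of file, -1 = line exceeded cap-1 bytes
 * (the excess is consumed and dropped, never stored). */
int read_line_bounded(FILE *fp, char *buf, size_t cap)
{
    size_t n = 0;
    int c, too_long = 0;
    if (cap == 0) return -1;
    while ((c = fgetc(fp)) != EOF && c != '\n') {
        if (c == '\r') continue;                 /* tolerate CRLF line endings */
        if (n + 1 < cap) buf[n++] = (char)c; else too_long = 1;  /* check before every store */
    }
    buf[n] = '\0';
    if (c == EOF && n == 0 && !too_long) return 0;
    return too_long ? -1 : 1;
}

/* Runs constructed LDIF text through the reader; returns the number of
 * rejected (over-long) lines and stores the accepted count in *accepted. */
int scan_ldif_text(const char *text, int *accepted)
{
    char buf[LDIF_LINE_CAP];                     /* fixed stack buffer */
    FILE *fp = tmpfile();
    int rc, rejected = 0;
    *accepted = 0;
    if (!fp) return -1;
    fputs(text, fp);
    rewind(fp);
    while ((rc = read_line_bounded(fp, buf, sizeof buf)) != 0) {
        if (rc < 0) rejected++; else (*accepted)++;
    }
    fclose(fp);
    return rejected;
}

int main(void)
{
    char text[4096] = "dn: cn=Constructed Entry\nmail: ";  /* constructed sample */
    int ok, rejected;
    memset(text + strlen(text), 'A', 3000);      /* one line well over 2048 bytes */
    strcat(text, "\ncn: Constructed Entry\n");
    rejected = scan_ldif_text(text, &ok);
    printf("rejected=%d accepted=%d\n", rejected, ok);
    return 0;
}
```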