7.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.083 Low
EPSS
Percentile
94.3%
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers.
marc.info/?l=full-disclosure&m=112368237712032&w=2
secunia.com/advisories/16394
secunia.com/advisories/19380
www.debian.org/security/2006/dsa-1016
www.mandriva.com/security/advisories?name=MDKSA-2005:141
www.novell.com/linux/security/advisories/2005_54_evolution.html
www.redhat.com/archives/fedora-announce-list/2005-August/msg00031.html
www.redhat.com/support/errata/RHSA-2005-267.html
www.securityfocus.com/archive/1/407789
www.securityfocus.com/bid/14532
www.sitic.se/eng/advisories_and_recommendations/sa05-001.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9553
usn.ubuntu.com/166-1/