Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1109HistoryJun 04, 2008 - 8:32 p.m.
CVE-2008-1109
2008-06-0420:32:00
Debian Security Bug Tracker
security-tracker.debian.org
9
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.165 Low
EPSS
Percentile
96.0%
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
| Debian | 11 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
| Debian | 10 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
| Debian | 999 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
| Debian | 13 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
Related
cvelist
cvelist
CVE-2008-1109
2008-06-04 20:00:00
nvd
nvd
CVE-2008-1109
2008-06-04 20:32:00
cve
cve
CVE-2008-1109
2008-06-04 20:32:00
ubuntucve
ubuntucve
CVE-2008-1109
2008-06-04 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:29:21
prion
prion
Heap overflow
2008-06-04 20:32:00
openvas
openvas
Gentoo Security Advisory GLSA 200806-06 (evolution)
2008-09-24 00:00:00
Ubuntu Update for evolution vulnerabilities USN-615-1
2009-03-23 00:00:00
CentOS Update for evolution28 CESA-2008:0515 centos4 i386
2009-02-27 00:00:00
nessus
nessus
RHEL 5 : evolution (RHSA-2008:0514)
2008-06-04 00:00:00
RHEL 4 : evolution28 (RHSA-2008:0515)
2008-06-05 00:00:00
Fedora 7 : evolution-2.10.3-10.fc7 (2008-5018)
2008-06-09 00:00:00
suse
suse
remote code execution in evolution
2008-06-13 16:03:48
gentoo
gentoo
Evolution: User-assisted execution of arbitrary code
2008-06-16 00:00:00
centos
centos
evolution28 security update
2008-06-04 16:27:50
evolution security update
2008-06-26 01:08:58
fedora
fedora
[SECURITY] Fedora 9 Update: evolution-2.22.2-2.fc9
2008-06-06 07:48:27
[SECURITY] Fedora 7 Update: evolution-2.10.3-10.fc7
2008-06-06 07:50:16
[SECURITY] Fedora 8 Update: evolution-2.12.3-5.fc8
2008-06-06 07:49:59
ubuntu
ubuntu
Evolution vulnerabilities
2008-06-06 00:00:00
oraclelinux
oraclelinux
evolution28 security update
2008-06-04 00:00:00
redhat
redhat
(RHSA-2008:0514) Important: evolution security update
2008-06-04 00:00:00
(RHSA-2008:0515) Important: evolution28 security update
2008-06-04 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.165 Low
EPSS
Percentile
96.0%
Related for DEBIANCVE:CVE-2008-1109