Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2007:0510
HistoryJun 25, 2007 - 12:00 a.m.

(RHSA-2007:0510) Important: evolution-data-server security update

2007-06-2500:00:00
access.redhat.com
10

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

89.3%

JSON

The evolution-data-server package provides a unified backend for programs
that work with contacts, tasks, and calendar information.

A flaw was found in the way evolution-data-server processes certain IMAP
server messages. If a user can be tricked into connecting to a malicious
IMAP server it may be possible to execute arbitrary code as the user
running the evolution-data-server process. (CVE-2007-3257)

All users of evolution-data-server should upgrade to these updated
packages, which contain a backported patch which resolves this issue.

OSVersionArchitecturePackageVersionFilename
RedHat5i386evolution-data-server< 1.8.0-15.0.4.el5evolution-data-server-1.8.0-15.0.4.el5.i386.rpm
RedHat5ppc64evolution-data-server< 1.8.0-15.0.4.el5evolution-data-server-1.8.0-15.0.4.el5.ppc64.rpm
RedHat5x86_64evolution-data-server-devel< 1.8.0-15.0.4.el5evolution-data-server-devel-1.8.0-15.0.4.el5.x86_64.rpm
RedHat5s390evolution-data-server-devel< 1.8.0-15.0.4.el5evolution-data-server-devel-1.8.0-15.0.4.el5.s390.rpm
RedHat5srcevolution-data-server< 1.8.0-15.0.4.el5evolution-data-server-1.8.0-15.0.4.el5.src.rpm
RedHat5ia64evolution-data-server< 1.8.0-15.0.4.el5evolution-data-server-1.8.0-15.0.4.el5.ia64.rpm
RedHat5ppc64evolution-data-server-devel< 1.8.0-15.0.4.el5evolution-data-server-devel-1.8.0-15.0.4.el5.ppc64.rpm
RedHat5ia64evolution-data-server-devel< 1.8.0-15.0.4.el5evolution-data-server-devel-1.8.0-15.0.4.el5.ia64.rpm
RedHat5s390evolution-data-server< 1.8.0-15.0.4.el5evolution-data-server-1.8.0-15.0.4.el5.s390.rpm
RedHat5x86_64evolution-data-server< 1.8.0-15.0.4.el5evolution-data-server-1.8.0-15.0.4.el5.x86_64.rpm
Rows per page:
1-10 of 151

Related

nessus 17
prion 1
openvas 16
securityvulns 2
debian 2
ubuntucve 1
oraclelinux 2
centos 2
redhat 1
cve 1
gentoo 2
freebsd 1
cvelist 1
debiancve 1
ubuntu 1
suse 1
veracode 1
osv 1
nessus
nessus
Mandrake Linux Security Advisory : evolution (MDKSA-2007:136)
2007-06-27 00:00:00
Oracle Linux 3 / 4 : evolution (ELSA-2007-0509)
2013-07-12 00:00:00
Scientific Linux Security Update : evolution on SL5.x i386/x86_64
2012-08-01 00:00:00
prion
prion
Code injection
2007-06-19 16:30:00
openvas
openvas
Gentoo Security Advisory GLSA 200711-04 (evolution-data-server)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200707-03 (evolution-data-server)
2008-09-24 00:00:00
Ubuntu Update for evolution-data-server vulnerability USN-475-1
2009-03-23 00:00:00
securityvulns
securityvulns
Evolution Data Server integer overflow
2007-06-22 00:00:00
[Full-disclosure] [USN-475-1] evolution-data-server vulnerability
2007-06-22 00:00:00
debian
debian
[SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution
2007-06-23 00:00:00
[SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution
2007-06-29 00:00:00
ubuntucve
ubuntucve
CVE-2007-3257
2007-06-19 00:00:00
oraclelinux
oraclelinux
Important: evolution security update
2007-06-25 00:00:00
Important: evolution-data-server security update
2007-06-26 00:00:00
centos
centos
evolution security update
2007-06-27 11:05:43
evolution security update
2007-06-25 14:45:34
redhat
redhat
(RHSA-2007:0509) Important: evolution security update
2007-06-25 00:00:00
cve
cve
CVE-2007-3257
2007-06-19 16:30:00
gentoo
gentoo
Evolution: User-assisted remote execution of arbitrary code
2007-07-02 00:00:00
Evolution: User-assisted remote execution of arbitrary code
2007-11-06 00:00:00
freebsd
freebsd
evolution-data-server -- remote execution of arbitrary code vulnerability
2007-06-23 00:00:00
cvelist
cvelist
CVE-2007-3257
2007-06-19 16:00:00
debiancve
debiancve
CVE-2007-3257
2007-06-19 16:30:00
ubuntu
ubuntu
evolution-data-server vulnerability
2007-06-21 00:00:00
suse
suse
remote code execution in evolution,evolution-data-server
2007-07-05 17:43:27
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:19:11
osv
osv
evolution
2007-06-29 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

89.3%

JSON
Related for RHSA-2007:0510
nessus17prion1openvas16securityvulns2debian2ubuntucve1oraclelinux2centos2redhat1cve1gentoo2freebsd1cvelist1debiancve1ubuntu1suse1veracode1osv1