Lucene search
RedHatRHSA-2008:0178HistoryMar 05, 2008 - 12:00 a.m.
(RHSA-2008:0178) Critical: evolution security update
2008-03-0500:00:00
access.redhat.com
9
0.435 Medium
EPSS
Percentile
97.4%
Evolution is the GNOME collection of personal information management (PIM)
tools.
A format string flaw was found in the way Evolution displayed encrypted
mail content. If a user opened a carefully crafted mail message, arbitrary
code could be executed as the user running Evolution. (CVE-2008-0072)
All users of Evolution should upgrade to these updated packages, which
contain a backported patch which resolves this issue.
Red Hat would like to thank Ulf Harnhammar of Secunia Research for finding
and reporting this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 4 | s390x | evolution | < 2.0.2-35.0.4.el4_5.1 | evolution-2.0.2-35.0.4.el4_5.1.s390x.rpm |
| RedHat | 4 | i386 | evolution-devel | < 2.0.2-35.0.4.el4_5.1 | evolution-devel-2.0.2-35.0.4.el4_5.1.i386.rpm |
| RedHat | 4 | i386 | evolution | < 2.0.2-35.0.4.el4_5.1 | evolution-2.0.2-35.0.4.el4_5.1.i386.rpm |
| RedHat | 4 | ia64 | evolution-devel | < 2.0.2-35.0.4.el4_5.1 | evolution-devel-2.0.2-35.0.4.el4_5.1.ia64.rpm |
| RedHat | 4 | x86_64 | evolution-devel | < 2.0.2-35.0.4.el4_5.1 | evolution-devel-2.0.2-35.0.4.el4_5.1.x86_64.rpm |
| RedHat | 4 | s390x | evolution-devel | < 2.0.2-35.0.4.el4_5.1 | evolution-devel-2.0.2-35.0.4.el4_5.1.s390x.rpm |
| RedHat | 4 | ppc | evolution-devel | < 2.0.2-35.0.4.el4_5.1 | evolution-devel-2.0.2-35.0.4.el4_5.1.ppc.rpm |
| RedHat | 4 | s390 | evolution-devel | < 2.0.2-35.0.4.el4_5.1 | evolution-devel-2.0.2-35.0.4.el4_5.1.s390.rpm |
| RedHat | 4 | ppc | evolution | < 2.0.2-35.0.4.el4_5.1 | evolution-2.0.2-35.0.4.el4_5.1.ppc.rpm |
| RedHat | 4 | s390 | evolution | < 2.0.2-35.0.4.el4_5.1 | evolution-2.0.2-35.0.4.el4_5.1.s390.rpm |
Related
oraclelinux
oraclelinux
Critical: evolution security update
2008-03-05 00:00:00
nessus
nessus
Oracle Linux 4 : evolution (ELSA-2008-0177)
2013-07-12 00:00:00
Mandriva Linux Security Advisory : evolution (MDVSA-2008:063)
2009-04-23 00:00:00
Fedora 7 : evolution-2.10.3-8.fc7 (2008-2290)
2008-03-07 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200803-12 (evolution)
2008-09-24 00:00:00
Ubuntu Update for evolution vulnerability USN-583-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-583-1)
2009-03-23 00:00:00
osv
osv
evolution - remote code execution
2008-03-05 00:00:00
prion
prion
Format string
2008-03-06 00:44:00
cvelist
cvelist
CVE-2008-0072
2008-03-06 00:00:00
securityvulns
securityvulns
Evolution format string vulnerability
2008-03-05 00:00:00
[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution
2008-03-05 00:00:00
cve
cve
CVE-2008-0072
2008-03-06 00:44:00
suse
suse
remote code execution in evolution
2008-03-14 10:18:34
centos
centos
evolution, evolution28 security update
2008-03-05 19:23:46
debian
debian
[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution
2008-03-05 14:43:46
fedora
fedora
[SECURITY] Fedora 8 Update: evolution-2.12.3-3.fc8
2008-03-06 16:38:34
[SECURITY] Fedora 7 Update: evolution-2.10.3-8.fc7
2008-03-06 16:38:15
[SECURITY] Fedora 8 Update: evolution-2.12.3-5.fc8
2008-06-06 07:49:59
nvd
nvd
CVE-2008-0072
2008-03-06 00:44:00
redhat
redhat
(RHSA-2008:0177) Critical: evolution security update
2008-03-05 00:00:00
ubuntu
ubuntu
Evolution vulnerability
2008-03-05 00:00:00
debiancve
debiancve
CVE-2008-0072
2008-03-06 00:44:00
gentoo
gentoo
Evolution: Format string vulnerability
2008-03-05 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:55
cert
cert
GNOME Evolution format string vulnerability
2008-03-07 00:00:00
ubuntucve
ubuntucve
CVE-2008-0072
2008-03-06 00:00:00