Critical: evolution security update

evolution-2.0.2-35.0.4.el46.1: 2.0.2-35.0.4.el4.1 - Add patch for RH bug 435797 format string vulnerability. evolution28-2.8.0-53.el46.2.0.1: 2.8.0-53.el46.2.0.1 - Comment evolution-2.8.0-red-hat-branding.patch to make evolution as vendor neutral 2.8.0-53.el46.2 - Fix hardcoded %dist tag for...

Evolution format string vulnerability

Format string vulnerability on encrypted mail parsing...

[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1512-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 05, 2008 http://www.debian.org/security/faq -...

DSA-1512-1 evolution - remote code execution

Bulletin has no description...

Debian Security Advisory DSA 1016-1 (evolution)

The remote host is missing an update to evolution announced via advisory DSA 1016-1. Ulf Härnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code. For the old stable...

Debian Security Advisory DSA 1321-1 (evolution-data-server)

The remote host is missing an update to evolution-data-server announced via advisory DSA 1321-1. OpenVAS Vulnerability Test $Id: deb13211.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1321-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 1325-1 (evolution)

The remote host is missing an update to evolution announced via advisory DSA 1325-1. OpenVAS Vulnerability Test $Id: deb13251.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1325-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 673-1 (evolution)

The remote host is missing an update to evolution announced via advisory DSA 673-1. OpenVAS Vulnerability Test $Id: deb6731.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 673-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-673-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1321-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1325-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1016-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE 10 Security Update : evolution-data-server (ZYPP Patch Number 3826)

A malicious IMAP server could execute code within evolution by sending a malformed response to a SEQUENCE command. CVE-2007-3257 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Information disclosure

TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-6221

TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-6221

TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-6221

The vulnerability CVE-2007-6221 affects TuMusika Evolution 1.7R5. A direct request to phpinfo.php calls phpinfo, enabling remote attackers to disclose configuration information. No remediation details are provided in the connected documents. The exact root cause is exposure of PHP configuration d...

Directory traversal

Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...

CVE-2007-6188

Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...

CVE-2007-6188

Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...