2068 matches found
CentOS 3 / 4 : evolution (CESA-2007:0353)
Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A flaw wa...
evolution security update
CentOS Errata and Security Advisory CESA-2007:0353 Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of...
Moderate: Red Hat Security Advisory: evolution security update
Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A flaw wa...
fetchmail/mutt/evolution/...: APOP password disclosure vulnerability
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...
Moderate: evolution security update
2.0.2-35.0.2.el4 - Add missing BuildRequires scrollkeeper. 2.0.2-35.0.1.el4 - Add patch for RH bug 238565 APOP authentication vulnerability...
Fedora Core 5 : evolution-data-server-1.6.3-4.fc5 (2007-485)
This update fixes a security vulnerability in APOP authentication. This only affects POP mail accounts. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much a...
Fedora Core 6 : evolution-data-server-1.8.3-6.fc6 (2007-484)
This update fixes a security vulnerability in APOP authentication. This only affects POP mail accounts. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much a...
[SECURITY] Fedora Core 6 Update: evolution-data-server-1.8.3-6.fc6
The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...
[SECURITY] Fedora Core 5 Update: evolution-data-server-1.6.3-4.fc5
The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...
Moderate: Red Hat Security Advisory: evolution security update
Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A format...
evolution format string flaw
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections
PROGRAM: Nuke-Evolution & NukeSentinel HOMEPAGE: http://www.nuke-evolution.com/ VERSION: All versions BUG 1 NukeSentinel Bypass SQL Injection Protection BUG 2 Nuke Evolution = 2.0.3 SQL Injections vulnerabilities AUTHOR: Aleksandar NukeSentinel Bypass SQL Injection Protection nukesentinel.php Lin...
nuke-bypass.txt
PROGRAM: Nuke-Evolution & NukeSentinel HOMEPAGE: http://www.nuke-evolution.com/ VERSION: All versions BUG 1 NukeSentinel Bypass SQL Injection Protection BUG 2 Nuke Evolution 0 if stristr$nsnstconst'querystring','+union+' OR stristr$nsnstconst'querystring','%20union%20' OR...
CVE-2007-2090
Cross-site scripting XSS vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2007-2090
Cross-site scripting XSS vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2007-2090
CVE-2007-2090 is a Cross-site scripting (XSS) vulnerability in TuMusika Evolution 1.6, fixed by abusing index.php via the msg parameter to inject arbitrary script/HTML. The vulnerability’s CVSS v2 base score is 6.8 (Medium) with partial impact on confidentiality, integrity, and availability, and ...
Code injection
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...
CVE-2007-1558
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...
CVE-2007-1558
CVE-2007-1558 describes a cryptographic weakness in APOP authentication that lowers MITM attack cost to recover passwords. Connected advisories show this affects multiple mail clients (e.g., Thunderbird/Icedove, Iceape, fetchmail) and related POP/ALOP implementations. Debian DSA-1305-1 and CentOS...
TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...