2068 matches found
tumushika-xss.txt
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
TuMusika Evolution 1.6 - index.php Cross-Site Scripting
TuMusika Evolution 1.6 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/23452/info TuMusika Evolution is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
TuMusika Evolution 1.6 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/23452/info TuMusika Evolution is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
Fedora Core 5 : evolution-2.6.3-2.fc5 (2007-404)
This update fixes a security flaw that allowed a specially crafted shared memo to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much...
Fedora Core 6 : evolution-2.8.3-2.fc6 (2007-393)
This update fixes a security flaw that allowed a specially crafted shared memo to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much...
Mandrake Linux Security Advisory : evolution (MDKSA-2007:070)
A format string error in the 'writehtml' function in calendar/gui/ e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers. Updated packages have been patched to...
[SECURITY] Fedora Core 5 Update: evolution-2.6.3-2.fc5
Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool...
[SECURITY] Fedora Core 6 Update: evolution-2.8.3-2.fc6
Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool...
USN-442-1: Evolution vulnerability
Ulf Harnhammar of Secunia Research discovered that Evolution did not correctly handle format strings when displaying shared memos. If a remote attacker tricked a user into viewing a specially crafted shared memo, they could execute arbitrary code with user privileges...
Gnome Evolution格式串漏洞
Gnome Evolution是一款开放源代码的邮件客户端。 Gnome Evolution包含的"writehtml"函数存在格式串问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于calendar/gui/e-cal-component-memo-preview.c中的"writehtml"函数中,当显示memo的目录时存在格式串错误,目标用户如果在邮箱中打开共享的MEMO,并点接收,在"Memo"标签下查看MEMO可触发漏洞。 GNOME Evolution 2.8.2.1 目前没有解决方案提供: http://www.gnome.org/...
Gnome Evolution calendar format string vulnerability
Format string vulnerability on shared memo parsing...
Secunia Research: Evolution Shared Memo Categories Format String Vulnerability
====================================================================== Secunia Research 21/03/2007 - Evolution Shared Memo Categories Format String Vulnerability - ====================================================================== Table of Contents Affected...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
Format string
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
DEBIAN-CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
CVE-2007-1002 is a format-string vulnerability in Evolution's write_html function (e-cal-component-memo-preview.c) affecting Evolution 2.8.2.1 and possibly earlier, enabling a crafted shared memo to execute arbitrary code via format specifiers. Connected advisories (RHSA-2007:0158, MDKSA-2007:070...