2068 matches found
CVE-2007-1266
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
Design/Logic Flaw
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
CVE-2007-1266
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
DEBIAN-CVE-2007-1266
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
CVE-2007-1266
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
CVE-2007-1266
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
CVE-2007-1266
CVE-2007-1266 affects Evolution 2.8.1 and earlier. The issue is that Evolution does not properly use the --status-fd argument when invoking GnuPG, preventing it from visually distinguishing between signed and unsigned portions of OpenPGP messages that have multiple components. As a result, a remo...
CVE-2007-1266
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ GnuPG and GnuPG clients unsigned data injection vulnerability Date Published: 2007-03-05 Last Update: 2007-03-05 Advisory ID: CORE-2007-0115 Bugtraq IDs: BID 22757 -...
Gnome Evolution 2.x - GnuPG Arbitrary Content Injection
Gnome Evolution 2.x - GnuPG Arbitrary Content Injection source: https://www.securityfocus.com/bid/22760/info Evolution is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing. An attacker may be able to exploit this issue to add...
GnuPG and GnuPG clients unsigned data injection vulnerability
Advisory ID Internal CORE-2007-0115 Date Published: 2007-03-05 Last Update: 2007-03-05 Advisory ID: CORE-2007-0115 Bugtraq IDs: BID 22757 - GnuPG BID 22758 - Enigmail BID 22759 - KMail BID 22760 - Evolution BID 22777 - Sylpheed BID 22778 - Mutt BID 22779 - GNUMail CVE Names: CVE-2007-1263 for the...
Gnome Evolution 2.x - GnuPG Arbitrary Content Injection
source: https://www.securityfocus.com/bid/22760/info Evolution is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing. An attacker may be able to exploit this issue to add arbitrary content into a GnuPG signed and/or encrypted...
MDKA-2006:066 : evolution-sharp
The evolution-sharp bindings weren't configured properly, preventing beagle from indexing Evolution mailboxes. This update fixes this issue. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable...
CentOS 4 : Evolution (CESA-2005:397)
Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is a GNOME-based collection of personal information management PIM tools. A bug was found in the way...
Debian DSA-1016-1 : evolution - format string vulnerabilities
Ulf Harnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
CVE-2006-5090
Multiple cross-site scripting XSS vulnerabilities in Phoenix Evolution CMS PECMS allow remote attackers to inject arbitrary web script or HTML via the 1 mod or 2 action parameters in index.php, or the 3 pageid parameter in modules/pageedit/index.php. NOTE: the provenance of this information is...
CVE-2006-5090
Multiple cross-site scripting XSS vulnerabilities in Phoenix Evolution CMS PECMS allow remote attackers to inject arbitrary web script or HTML via the 1 mod or 2 action parameters in index.php, or the 3 pageid parameter in modules/pageedit/index.php. NOTE: the provenance of this information is...
Phoenix Evolution CMS - index.php Multiple Cross-Site Scripting Vulnerabilities
Phoenix Evolution CMS - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20212/info Phoenix Evolution CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may...
Phoenix Evolution CMS - modulespageeditindex.php?pageid Cross-Site Scripting
Phoenix Evolution CMS - modulespageeditindex.php?pageid Cross-Site Scripting source: https://www.securityfocus.com/bid/20212/info Phoenix Evolution CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage...
Phoenix Evolution CMS - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/20212/info Phoenix Evolution CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...