[Full-disclosure] Evolution multiple remote format string bugs

SITIC Vulnerability Advisory Advisory Name: Evolution multiple remote format string bugs Advisory Reference: SA05-001 Date of initial release: 2005-08-10 Product: Evolution 1.5, 2.0, 2.1, 2.2, 2.3 Platform: Linux, BSD systems, Unix Effect: Remote code execution Vulnerability Identifier: Not...

evolution -- remote format string vulnerabilities

A SITIC Vulnerability Advisory reports: Evolution suffers from several format string bugs when handling data from remote sources. These bugs lead to crashes or the execution of arbitrary assembly language code. The first format string bug occurs when viewing the full vCard data attached to an...

USN-156-1: TIFF vulnerability

Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the "YCbCr subsampling" value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a...

[USN-156-1] TIFF vulnerability

=========================================================== Ubuntu Security Notice USN-156-1 July 29, 2005 tiff vulnerability https://bugzilla.ubuntu.com/showbug.cgi?id=12008 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu...

FreeBSD : evolution -- arbitrary code execution vulnerability (b8943e61-6e68-11d9-a9e7-0001020eed82)

Martin Joey Schulze reports : Max Vozeler discovered an integer overflow in the helper application camel-lock-helper which runs setuid root or setgid mail inside of Evolution, a free groupware suite. A local attacker can cause the setuid root helper to execute arbitrary code with elevated...

CVE-2002-1765

Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...

CVE-2002-1765

Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...

CVE-2002-1765

This CVE concerns Evolution 1.0.3 and 1.0.4. A remote attacker can trigger a denial of service by sending an email with a malformed MIME header, causing memory consumption and a crash. The documents do not specify additional affected components beyond the Evolution versions cited, nor provide exp...

evolution security update

CentOS Errata and Security Advisory CESA-2005:238 Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools...

security flaw

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

Low: Red Hat Security Advisory: evolution security update

Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. Evolution includes a mailer, calendar, contact manage...

RHEL 3 : evolution (RHSA-2005:238)

Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. Evolution includes a mailer, calendar, contact manage...

evolution security update

CentOS Errata and Security Advisory CESA-2005:397 Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is a GNOME-based collection of personal information...

security flaw

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow...

security flaw

Evolution 2.0.3 allows remote attackers to cause a denial of service application crash or hang via crafted messages, possibly involving charsets in attachment filenames...

Moderate: Red Hat Security Advisory: evolution security update

Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is a GNOME-based collection of personal information management PIM tools. A bug was found in the way...

RHEL 4 : evolution (RHSA-2005:397)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:397 advisory. Evolution is a GNOME-based collection of personal information management PIM tools. A bug was found in the way Evolution displays mail...

CVE-2005-0806

Evolution 2.0.3 allows remote attackers to cause a denial of service application crash or hang via crafted messages, possibly involving charsets in attachment filenames...

DEBIAN-CVE-2005-0806

Evolution 2.0.3 allows remote attackers to cause a denial of service application crash or hang via crafted messages, possibly involving charsets in attachment filenames...

CVE-2005-0806

Evolution 2.0.3 allows remote attackers to cause a denial of service application crash or hang via crafted messages, possibly involving charsets in attachment filenames...