2068 matches found
CVE-2020-11879
An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...
How to organize your security team: The evolution of cybersecurity roles and responsibilities
Digital transformation, cloud computing, and a sophisticated threat landscape are forcing everyone to rethink the functions of each role on their security teams, from Chief Information Security Officers CISOs to practitioners. With billions of people around the globe working from home, changes to...
Take a "NetWalk" on the Wild Side
ARCHIVED STORY Take a “NetWalk” on the Wild Side ATR Operational Intelligence Team · AUG 03, 2020 · 25 MIN READ Executive Summary The NetWalker ransomware, initially known as Mailto, was first detected in August 2019. Since then, new variants were discovered throughout 2019 and the beginning of...
Debian DLA-2309-1 : evolution-data-server security update
In Evolution Data Server a vulnerability was discovered that allowed a malicious server to crash the mail client. For Debian 9 stretch, this problem has been fixed in version 3.22.7-1+deb9u2. We recommend that you upgrade your evolution-data-server packages. For the detailed security status of...
Fedora 31 : evolution-data-server (2020-45041afb19)
Security fix for CVE-2020-14928 Response Injection via STARTTLS in SMTP and POP3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Debian: Security Advisory (DLA-2309-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Take a "NetWalk" on the Wild Side
ARCHIVED STORY Take a “NetWalk” on the Wild Side ATR Operational Intelligence Team · AUG 03, 2020 · 25 MIN READ Executive Summary The NetWalker ransomware, initially known as Mailto, was first detected in August 2019. Since then, new variants were discovered throughout 2019 and the beginning of...
[SECURITY] [DLA 2309-1] evolution-data-server security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2309-1 [email protected] https://www.debian.org/lts/security/ August 02, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...
Fedora: Security Advisory for evolution-data-server (FEDORA-2020-45041afb19)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DLA-2309-1 evolution-data-server - security update
Bulletin has no description...
[SECURITY] Fedora 31 Update: evolution-data-server-3.34.4-2.fc31
The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...
CVE-2020-16117
A NULL pointer dereference flaw was found in the GNOME evolution-data-server when a mail client parses invalid messages from a malicious server. This flaw allows an attacker who controls a mail server the ability to crash the mail clients. The highest threat from this vulnerability is to system...
DEBIAN-CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...
CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...
CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...
CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...
UBUNTU-CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...
CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...
CVE-2020-16117
CVE-2020-16117 affects GNOME evolution-data-server, prior to 3.35.91. A malicious server can crash the mail client by sending an invalid CAPABILITY line during a connection, causing a NULL pointer dereference in the imapx_free_capability/imapx_connect_to_server path. The issue is a client-side cr...
CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...