evolution, evolution28 security update

CentOS Errata and Security Advisory CESA-2008:0177 Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Evolution is the GNOME collection...

[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1512-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 05, 2008 http://www.debian.org/security/faq -...

Critical: Red Hat Security Advisory: evolution security update

Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information...

Evolution format string flaw

Format string vulnerability in the emfmultipartencrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field...

Critical: Red Hat Security Advisory: evolution security update

Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A...

Evolution format string flaw

Format string vulnerability in the emfmultipartencrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field...

[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1512-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 05, 2008 http://www.debian.org/security/faq -...

Evolution: Format string vulnerability

Background Evolution is a GNOME groupware application. Description Ulf Harnhammar from Secunia Research discovered a format string error in the emfmultipartencrypted function in the file mail/em-format.c when reading certain data e.g. the "Version:" field from an encrypted e-mail. Impact A remote...

Critical: evolution security update

evolution-2.0.2-35.0.4.el46.1: 2.0.2-35.0.4.el4.1 - Add patch for RH bug 435797 format string vulnerability. evolution28-2.8.0-53.el46.2.0.1: 2.8.0-53.el46.2.0.1 - Comment evolution-2.8.0-red-hat-branding.patch to make evolution as vendor neutral 2.8.0-53.el46.2 - Fix hardcoded %dist tag for...

Evolution format string vulnerability

Format string vulnerability on encrypted mail parsing...

DSA-1512-1 evolution - remote code execution

Bulletin has no description...

ICQ消息处理远程格式串漏洞

BUGTRAQ ID: 28027 CNCAN ID:CNCAN-2008022904 ICQ是一款流行的即时信息通讯程序。 ICQ存在格式串错误，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 当生成HTML代码显示在嵌入IE组件中时存在格式串错误，发送特殊构建的包含格式串字符的消息其他用户，可触发内存破坏，可能以应用程序进程权限执行任意指令。 ICQ Inc. ICQ 6 目前没有解决方案提供： http://www.icq.com/...

CVE-2008-1127

Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed...

Format string

Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed...

CVE-2008-1127

Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed...

CVE-2008-1127

CVE-2008-1127 affects the game Crysis (Crysis 1.1.1.5879) in the cryactio function. The vulnerability is a format string flaw in the user name field that can be triggered when the game character is killed, allowing remote authenticated users to execute arbitrary code. Affected component: cryactio...

Format string

Format string vulnerability in the embedded Internet Explorer component for Mirabilis ICQ 6 build 6043 allows remote servers to execute arbitrary code or cause a denial of service crash via unspecified vectors related to HTML code generation...

CVE-2008-1120

CVE-2008-1120 affects Mirabilis ICQ 6, build 6043, via a vulnerability in the embedded Internet Explorer component responsible for HTML code generation. The issue is a format string vulnerability that may allow a remote attacker to trigger arbitrary code execution or cause a crash on the affected...

Livebox routers format string vulnerability

Format string vulnerability in built-in ADI Convergence Galaxy FTP Server...

Crysis <= 1.1.1.5879 Remote Format String Denial of Service PoC

No description provided by source. The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP...