8517 matches found
Gnome Evolution格式串漏洞
Gnome Evolution是一款开放源代码的邮件客户端。 Gnome Evolution包含的"writehtml"函数存在格式串问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于calendar/gui/e-cal-component-memo-preview.c中的"writehtml"函数中,当显示memo的目录时存在格式串错误,目标用户如果在邮箱中打开共享的MEMO,并点接收,在"Memo"标签下查看MEMO可触发漏洞。 GNOME Evolution 2.8.2.1 目前没有解决方案提供: http://www.gnome.org/...
Secunia Research: Evolution Shared Memo Categories Format String Vulnerability
====================================================================== Secunia Research 21/03/2007 - Evolution Shared Memo Categories Format String Vulnerability - ====================================================================== Table of Contents Affected...
Gnome Evolution calendar format string vulnerability
Format string vulnerability on shared memo parsing...
Format string
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
DEBIAN-CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1002
CVE-2007-1002 is a format-string vulnerability in Evolution's write_html function (e-cal-component-memo-preview.c) affecting Evolution 2.8.2.1 and possibly earlier, enabling a crafted shared memo to execute arbitrary code via format specifiers. Connected advisories (RHSA-2007:0158, MDKSA-2007:070...
CVE-2007-1002
Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...
CVE-2007-1464
Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors...
CVE-2007-1463
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...
CVE-2007-1463
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...
CVE-2007-1463
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...
Format string
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...
CVE-2007-1464
Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors...
DEBIAN-CVE-2007-1464
Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors...
DEBIAN-CVE-2007-1463
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...
CVE-2007-1464
CVE-2007-1464 refers to a format-string vulnerability in Inkscape’s Jabber whiteboard protocol (remote code execution) and is accompanied by CVE-2007-1463 describing a separate format-string issue in Inkscape URIs. Affected product: Inkscape (pre-0.45.1). Root cause: improper handling of format s...