Lucene search
K

8517 matches found

seebug.org
seebug.org
added 2007/03/24 12:0 a.m.18 views

Gnome Evolution格式串漏洞

Gnome Evolution是一款开放源代码的邮件客户端。 Gnome Evolution包含的"writehtml"函数存在格式串问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于calendar/gui/e-cal-component-memo-preview.c中的"writehtml"函数中,当显示memo的目录时存在格式串错误,目标用户如果在邮箱中打开共享的MEMO,并点接收,在"Memo"标签下查看MEMO可触发漏洞。 GNOME Evolution 2.8.2.1 目前没有解决方案提供: http://www.gnome.org/...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/22 12:0 a.m.40 views

Secunia Research: Evolution Shared Memo Categories Format String Vulnerability

====================================================================== Secunia Research 21/03/2007 - Evolution Shared Memo Categories Format String Vulnerability - ====================================================================== Table of Contents Affected...

6.8CVSS1.3AI score0.03364EPSS
Exploits0
securityvulns
securityvulns
added 2007/03/22 12:0 a.m.32 views

Gnome Evolution calendar format string vulnerability

Format string vulnerability on shared memo parsing...

6.8CVSS3.3AI score0.03364EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2007/03/21 10:19 p.m.12 views

Format string

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

6.8CVSS7.6AI score0.03364EPSS
Exploits0References20Affected Software1
NVD
NVD
added 2007/03/21 10:19 p.m.16 views

CVE-2007-1002

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

6.8CVSS7.4AI score0.03364EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2007/03/21 10:19 p.m.21 views

CVE-2007-1002

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

6.8CVSS6.3AI score0.03364EPSS
Exploits0References2
OSV
OSV
added 2007/03/21 10:19 p.m.8 views

CVE-2007-1002

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

7.4AI score
Exploits0References20
OSV
OSV
added 2007/03/21 10:19 p.m.1 views

DEBIAN-CVE-2007-1002

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

6.8CVSS8AI score0.03364EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/03/21 10:0 p.m.31 views

CVE-2007-1002

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

7.3AI score0.03364EPSS
Exploits0References20
CVE
CVE
added 2007/03/21 10:0 p.m.73 views

CVE-2007-1002

CVE-2007-1002 is a format-string vulnerability in Evolution's write_html function (e-cal-component-memo-preview.c) affecting Evolution 2.8.2.1 and possibly earlier, enabling a crafted shared memo to execute arbitrary code via format specifiers. Connected advisories (RHSA-2007:0158, MDKSA-2007:070...

6.8CVSS7.2AI score0.03364EPSS
Exploits0References20Affected Software1
Debian CVE
Debian CVE
added 2007/03/21 10:0 p.m.23 views

CVE-2007-1002

Format string vulnerability in the writehtml function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo...

6.8CVSS7.3AI score0.03364EPSS
Exploits0
NVD
NVD
added 2007/03/21 7:19 p.m.10 views

CVE-2007-1464

Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors...

6.8CVSS7.5AI score0.03222EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2007/03/21 7:19 p.m.9 views

CVE-2007-1463

Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...

6.8CVSS6.3AI score0.03364EPSS
Exploits0References2
NVD
NVD
added 2007/03/21 7:19 p.m.14 views

CVE-2007-1463

Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...

6.8CVSS7.4AI score0.03364EPSS
Exploits0References17
OSV
OSV
added 2007/03/21 7:19 p.m.5 views

CVE-2007-1463

Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...

7.7AI score
Exploits0References17
Prion
Prion
added 2007/03/21 7:19 p.m.11 views

Format string

Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...

6.8CVSS7.6AI score0.03364EPSS
Exploits0References17Affected Software1
UbuntuCve
UbuntuCve
added 2007/03/21 7:19 p.m.19 views

CVE-2007-1464

Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors...

6.8CVSS6AI score0.03222EPSS
Exploits0References2
OSV
OSV
added 2007/03/21 7:19 p.m.2 views

DEBIAN-CVE-2007-1464

Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors...

6.8CVSS8AI score0.03222EPSS
Exploits0References1
OSV
OSV
added 2007/03/21 7:19 p.m.1 views

DEBIAN-CVE-2007-1463

Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...

6.8CVSS8AI score0.03364EPSS
Exploits0References1
CVE
CVE
added 2007/03/21 7:0 p.m.56 views

CVE-2007-1464

CVE-2007-1464 refers to a format-string vulnerability in Inkscape’s Jabber whiteboard protocol (remote code execution) and is accompanied by CVE-2007-1463 describing a separate format-string issue in Inkscape URIs. Affected product: Inkscape (pre-0.45.1). Root cause: improper handling of format s...

6.8CVSS7.3AI score0.03222EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder