Gnome Evolution calendar format string vulnerability - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Gnome Evolution calendar format string vulnerability
Published: 22.03.2007
Source: BUGTRAQ
SecurityVulns ID: 7444
Type: client
Level: 6/10
Description: Format string vulnerability on shared memo parsing.

Affected: GNOME : Evolution 2.8
CVE: CVE-2007-1002 (Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo.)

Original document SECUNIA, Secunia Research: Evolution Shared Memo Categories Format String Vulnerability (22.03.2007)

Discuss: Read or add your comments to this news (0 comments)