Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Gentoo: GLSA-200803-12 Normal: Evolution Format String Execution Risk

gentoo
Calendar Grey March 6, 2008
Dist Gentoo Esm H88
Critical vulnerability detected in Evolution's handling of format strings. Prompt upgrade is advised for all Gentoo users to mitigate potential exploitation risks.
A format string error has been discovered in Evolution, possibly resulting in the execution of arbitrary code.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory GLSA 200803-12 https://security.gentoo.org/

  Severity: Normal
     Title: Evolution: Format string vulnerability
      Date: March 05, 2008
      Bugs: #212272
        ID: 200803-12


Synopsis
=======
A format string error has been discovered in Evolution, possibly
resulting in the execution of arbitrary code.

Background
=========
Evolution is a GNOME groupware application.

Affected packages
================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 mail-client/evolution < 2.12.3-r1 >= 2.12.3-r1

==========
Ulf Harnhammar from Secunia Research discovered a format string error
in the emf_multipart_encrypted() function in the file mail/em-format.c
w...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory gentoo format string execution risk normal

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo format string execution risk normal

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here