Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1109HistoryJun 04, 2008 - 8:32 p.m.
CVE-2008-1109
2008-06-0420:32:00
Debian Security Bug Tracker
security-tracker.debian.org
11
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.165
Percentile
96.0%
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
| Debian | 11 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
| Debian | 999 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
| Debian | 13 | all | evolution | < 2.22.2-1.1 | evolution_2.22.2-1.1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2008-1109
2008-06-04 00:00:00
cvelist
cvelist
CVE-2008-1109
2008-06-04 20:00:00
nvd
nvd
CVE-2008-1109
2008-06-04 20:32:00
prion
prion
Heap overflow
2008-06-04 20:32:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:29:21
cve
cve
CVE-2008-1109
2008-06-04 20:32:00
nessus
nessus
GLSA-200806-06 : Evolution: User-assisted execution of arbitrary code
2008-06-18 00:00:00
Mandriva Linux Security Advisory : evolution (MDVSA-2008:111)
2009-04-23 00:00:00
Fedora 7 : evolution-2.10.3-10.fc7 (2008-5018)
2008-06-09 00:00:00
openvas
openvas
Mandriva Update for evolution MDVSA-2008:111 (evolution)
2009-04-09 00:00:00
Mandriva Update for evolution MDVSA-2008:111 (evolution)
2009-04-09 00:00:00
CentOS Update for evolution28 CESA-2008:0515 centos4 x86_64
2009-02-27 00:00:00
ubuntu
ubuntu
Evolution vulnerabilities
2008-06-06 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: evolution-2.22.2-2.fc9
2008-06-06 07:48:27
[SECURITY] Fedora 8 Update: evolution-2.12.3-5.fc8
2008-06-06 07:49:59
[SECURITY] Fedora 7 Update: evolution-2.10.3-10.fc7
2008-06-06 07:50:16
suse
suse
remote code execution in evolution
2008-06-13 16:03:48
centos
centos
evolution28 security update
2008-06-04 16:27:50
evolution security update
2008-06-26 01:08:58
gentoo
gentoo
Evolution: User-assisted execution of arbitrary code
2008-06-16 00:00:00
redhat
redhat
(RHSA-2008:0514) Important: evolution security update
2008-06-04 00:00:00
(RHSA-2008:0515) Important: evolution28 security update
2008-06-04 00:00:00
oraclelinux
oraclelinux
evolution28 security update
2008-06-04 00:00:00
osv
osv
evolution-3.40.4-1.4 on GA media
2024-06-15 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.165
Percentile
96.0%
Related for DEBIANCVE:CVE-2008-1109