Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2549

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2549
Last Modified 21 Aug 2010 12:31:38
Published 12 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2549

Summary

Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers.

Vulnerable Systems

Application

  • Gnome Evolution 1.5

  • Gnome Evolution 2.0

  • Gnome Evolution 2.1

  • Gnome Evolution 2.2

  • Gnome Evolution 2.3.1

  • Gnome Evolution 2.3.2

  • Gnome Evolution 2.3.3

  • Gnome Evolution 2.3.4

  • Gnome Evolution 2.3.5

  • Gnome Evolution 2.3.6.1


References

FULLDISC - 20050810 Evolution multiple remote format string bugs

UBUNTU - USN-166-1

MISC - http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html

BID - 14532

REDHAT - RHSA-2005:267

FEDORA - FEDORA-2005-743

SUSE - SUSE-SA:2005:054

MANDRIVA - MDKSA-2005:141

DEBIAN - DSA-1016

SECUNIA - 19380

SECUNIA - 16394


Last Updated: 27 May 2016 10:40:34