Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2550

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2550
Last Modified 21 Aug 2010 12:31:38
Published 12 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2550

Summary

Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab.

Vulnerable Systems

Application

  • Gnome Evolution 1.4

  • Gnome Evolution 1.5

  • Gnome Evolution 2.0

  • Gnome Evolution 2.1

  • Gnome Evolution 2.2

  • Gnome Evolution 2.3.1

  • Gnome Evolution 2.3.2

  • Gnome Evolution 2.3.3

  • Gnome Evolution 2.3.4

  • Gnome Evolution 2.3.5

  • Gnome Evolution 2.3.6.1


References

FULLDISC - 20050810 Evolution multiple remote format string bugs

UBUNTU - USN-166-1

MISC - http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html

BID - 14532

REDHAT - RHSA-2005:267

FEDORA - FEDORA-2005-743

SUSE - SUSE-SA:2005:054

MANDRIVA - MDKSA-2005:141

DEBIAN - DSA-1016

SECUNIA - 19380

SECUNIA - 16394


Last Updated: 27 May 2016 10:40:34