
CVSS: 9.8 • EPSS: 2% • CPEs: 10 • EXPL: 0

12 Aug 2005 — Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers. Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task list data from remote servers (CVE-2005-2549). He also... • http://marc.info/?l=full-disclosure&m=112368237712032&w=2 •

CVSS: 9.8 • EPSS: 5% • CPEs: 11 • EXPL: 0

12 Aug 2005 — Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task list data from remote servers (CVE-2005-2549). He also dis... • http://marc.info/?l=full-disclosure&m=112368237712032&w=2 •

CVSS: 9.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

24 Jan 2005 — Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. Max Vozeler discovered an integer overflow in a helper application inside of Evolution, a free groupware suite. A local attacker could cause the setuid root helper to execute arbitrary code with elevated privileges. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925 • CWE-190: Integer Overflow or Wraparound •