Page 3 of 12 results (0.004 seconds)

CVSS: 7.5EPSS: 8%CPEs: 11EXPL: 0

Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. • http://marc.info/?l=full-disclosure&m=112368237712032&w=2 http://secunia.com/advisories/16394 http://secunia.com/advisories/19380 http://www.debian.org/security/2006/dsa-1016 http://www.mandriva.com/security/advisories?name=MDKSA-2005:141 http://www.novell.com/linux/security/advisories/2005_54_evolution.html http://www.redhat.com/archives/fedora-announce-list/2005-August/msg00031.html http://www.redhat.com/support/errata/RHSA-2005-267.html http://www.securityfocus.com/archive •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925 http://secunia.com/advisories/13830 http://security.gentoo.org/glsa/glsa-200501-35.xml http://securitytracker.com/id?1012981 http://www.debian.org/security/2005/dsa-673 http://www.mandriva.com/security/advisories?name=MDKSA-2005:024 http://www.redhat.com/support/errata/RHSA-2005-238.html http://www.redhat.com/support/errata/RHSA-2005-397.html http://www.securityfocus.com/bid/12354 https://exchange.xforce. • CWE-190: Integer Overflow or Wraparound •