Page 4 of 28 results (0.011 seconds)

CVSS: 2.1EPSS: 0%CPEs: 19EXPL: 1

The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files. El componente Mailer en Evolution v2.26.1 y versiones anteriores utiliza permisos de lectura para todos para el directorio .evolution, y determinados directorios y ficheros bajo .evolution/ relacionados con el correo local, lo cual permite a usuarios locales obtener información sensible a través de la lectura de esos ficheros. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526409 http://bugzilla.gnome.org/show_bug.cgi?id=581604 http://www.openwall.com/lists/oss-security/2009/05/12/6 http://www.securityfocus.com/bid/34921 https://bugzilla.redhat.com/show_bug.cgi?id=498648 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0

The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount of data in a challenge packet, which allows remote mail servers to read information from the process memory of a client, or cause a denial of service (client crash), via an NTLM authentication type 2 packet with a length value that exceeds the amount of packet data. La función ntlm_challenge en el mecanismo de autenticación NTLM SASL de camel/camel-sasl-ntlm.c en Camel en Evolution Data Server (alias evolution-data-server) 2.24.5 y anteriores, and 2.25.92 and earlier 2.25.x , no valida si cierto valor de longitud es coherente con la cantidad de datos almacenados en el paquete del desafío, lo cual permite leer, a los servidores de correo remotos, información de la memoria del proceso de un cliente, o provocar una denegación de servicio (con caida del cliente), a través de una autenticación NTLM autenticación de tipo 2 con un valor de longitud del paquete que supera la cantidad de paquetes de datos. • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://mail.gnome.org/archives/release-team/2009-March/msg00096.html http://osvdb.org/52673 http://secunia.com/advisories/34286 http://secunia.com/advisories/34338 http://secunia.com/advisories/34339 http://secunia.com/advisories/34348 http://secunia.com/advisories/34363 http://secunia.com/advisories/35065 http://secunia.com/advisories/35357 http://securitytracker.com/id?1021845 http://www.debian.org&#x • CWE-20: Improper Input Validation •

CVSS: 7.6EPSS: 13%CPEs: 1EXPL: 0

Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attackers to execute arbitrary code via a long timezone string in an iCalendar attachment. Desbordamiento de búfer en Evolution 2.22.1, cuando el plugin ITip Formates está desactivado, permite a atacantes remotos ejecutar código arbitrario a través de una cadena "timezone" larga en un adjunto iCalendar. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00003.html http://secunia.com/advisories/30298 http://secunia.com/advisories/30527 http://secunia.com/advisories/30536 http://secunia.com/advisories/30564 http://secunia.com/advisories/30571 http://secunia.com/advisories/30702 http://secunia.com/advisories/30716 http://secunia.com/secunia_research/2008-22/advisory http://security.gentoo.org/glsa/glsa-200806-06.xml http://www.mandriva.com/security/advisories?name=MDVSA& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 21%CPEs: 1EXPL: 0

Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window). Desbordamiento de Búfer basado en montículo en Evolution 2.22.1 permite a atacantes remotos asistidos por el usuario, ejecutar código arbitrariamente mediante una propiedad DESCRIPTION larga en un adjunto iCalendar, que no es gestionado correctamente durante una respuesta en la vista de calendario (también conocida como ventana de Calendarios). • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00003.html http://secunia.com/advisories/30298 http://secunia.com/advisories/30527 http://secunia.com/advisories/30564 http://secunia.com/advisories/30571 http://secunia.com/advisories/30702 http://secunia.com/advisories/30716 http://secunia.com/secunia_research/2008-23/advisory http://security.gentoo.org/glsa/glsa-200806-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:111 http://www.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 59%CPEs: 2EXPL: 0

Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field. Una vulnerabilidad de cadena de formato en la función emf_multipart_encrypted en el archivo mail/em-format.c en Evolution versión 2.12.3 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de un mensaje encriptado diseñado, tal y como es demostrado usando el campo Version. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00003.html http://secunia.com/advisories/29057 http://secunia.com/advisories/29163 http://secunia.com/advisories/29210 http://secunia.com/advisories/29244 http://secunia.com/advisories/29258 http://secunia.com/advisories/29264 http://secunia.com/advisories/29317 http://secunia.com/advisories/30437 http://secunia.com/advisories/30491 http://secunia.com/secunia_research/2008-8/advisory http://security.gentoo.org/glsa& • CWE-134: Use of Externally-Controlled Format String •