Remote Code Execution Vulnerability in Evolution Email Client by Novell
CVE-2005-2549

Currently unrated

Key Information:

Vendor: Gnome
Status: Evolution
Vendor: CVE Published:; 12 August 2005

What is CVE-2005-2549?

The Evolution email client from Novell suffers from multiple format string vulnerabilities that exist in versions 1.5 through 2.3.6.1. These vulnerabilities enable remote attackers to potentially execute arbitrary code or cause a denial of service (crashing the application) by sending specially crafted data. This may occur through various vectors including full vCard data, contact data retrieved from remote LDAP servers, or task list data from remote sources. It is crucial for users of the affected versions to apply the necessary updates and patches to mitigate this security risk.

References

http://www.novell.com/linux/security/advisories/2005_54_e...

vendor-advisoryx_refsource_SUSE

http://www.securityfocus.com/bid/14532

vdb-entryx_refsource_BID

http://www.redhat.com/support/errata/RHSA-2005-267.html

vendor-advisoryx_refsource_REDHAT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2005
Vulnerability Reserved
Aug 12, 2005

Gnome

What is CVE-2005-2549?

References

Timeline