Format String Vulnerability in Evolution Email Client by Novell
CVE-2005-2550

Currently unrated

Key Information:

Vendor

Gnome
Status
Evolution
Vendor
CVE Published:
12 August 2005

What is CVE-2005-2550?

The Evolution email client, spanning versions 1.4 to 2.3.6.1, contains a format string vulnerability that allows remote attackers to exploit functionality in the calendar section. By manipulating calendar entries, such as task lists, an attacker may cause the application to crash or potentially execute arbitrary code. The flaw arises when user interaction with the Calendars tab does not adequately process user input, leading to security implications for affected users.

References

http://www.novell.com/linux/security/advisories/2005_54_e...
vendor-advisoryx_refsource_SUSE
http://www.securityfocus.com/bid/14532
vdb-entryx_refsource_BID
http://www.redhat.com/support/errata/RHSA-2005-267.html
vendor-advisoryx_refsource_REDHAT

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.