Buffer Overflow in Evolution Affects Linux Systems
CVE-2008-1108

Currently unrated

Key Information:

Vendor

Gnome
Status
Evolution
Vendor
CVE Published:
4 June 2008

What is CVE-2008-1108?

A buffer overflow vulnerability exists in the Evolution 2.22.1 email client when the ITip Formatter plugin is disabled. This flaw can be exploited by remote attackers using a long timezone string in an iCalendar attachment, potentially leading to the execution of arbitrary code on affected systems. Users are advised to keep their software updated and be wary of unexpected iCalendar attachments.

References

https://www.redhat.com/archives/fedora-package-announce/2...
vendor-advisoryx_refsource_FEDORA
http://www.vupen.com/english/advisories/2008/1732/references
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/30298
third-party-advisoryx_refsource_SECUNIA

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.