CVE-2008-1109

Currently unrated

Key Information:

Vendor: Gnome
Status: Evolution
Vendor: CVE Published:; 4 June 2008

Summary

Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).

References

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

http://www.vupen.com/english/advisories/2008/1732/references

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/30298

third-party-advisoryx_refsource_SECUNIA

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 4, 2008
Vulnerability Reserved
Feb 29, 2008