Integer Overflow Vulnerability in Evolution Data Server by Canonical
CVE-2009-0587

Currently unrated

Key Information:

Vendor: Go-evolution
Status: Evolution-data-server
Vendor: CVE Published:; 14 March 2009

🔔 Create Go-evolution Vulnerability Alert

What is CVE-2009-0587?

An integer overflow vulnerability exists in the Evolution Data Server, which may allow context-dependent attackers to execute arbitrary code. Specifically, the flaw arises during the conversion of long strings to base64 representation in the evc and libcamel libraries. If exploited, this vulnerability might enable attackers to leverage malformed inputs, compromising the integrity of the application and potentially gaining unauthorized access to the system.

References

http://secunia.com/advisories/35357

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/52703

vdb-entryx_refsource_OSVDB

http://www.ubuntu.com/usn/USN-733-1

vendor-advisoryx_refsource_UBUNTU

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 14, 2009
Vulnerability Reserved
Feb 13, 2009

CVE-2009-0587 Data

JSON