FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-2549

This CVE name corresponds to:

Entered Topic
2005-08-27 evolution -- remote format string vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2005-2549
Phase Assigned(20050812)

Description

Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers.

References

Source Reference
BUGTRAQ 20050810 Evolution multiple remote format string bugs
FULLDISC 20050810 Evolution multiple remote format string bugs
MISC http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html
DEBIAN DSA-1016
FEDORA FEDORA-2005-743
MANDRIVA MDKSA-2005:141
REDHAT RHSA-2005:267
SUSE SUSE-SA:2005:054
UBUNTU USN-166-1
BID 14532
OVAL oval:org.mitre.oval:def:9553
SECUNIA 16394
SECUNIA 19380