CVE-2008-1109
- EPSS 5.75%
- Veröffentlicht 04.06.2008 20:32:00
- Zuletzt bearbeitet 16.06.2026 22:51:01
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Cale...
CVE-2008-1108
- EPSS 5.69%
- Veröffentlicht 04.06.2008 20:32:00
- Zuletzt bearbeitet 16.06.2026 22:51:00
Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attackers to execute arbitrary code via a long timezone string in an iCalendar attachment.
CVE-2008-0072
- EPSS 6.02%
- Veröffentlicht 06.03.2008 00:44:00
- Zuletzt bearbeitet 16.06.2026 22:48:52
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
CVE-2007-3257
- EPSS 3.12%
- Veröffentlicht 19.06.2007 16:30:00
- Zuletzt bearbeitet 16.06.2026 22:41:22
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
- EPSS 5.05%
- Veröffentlicht 06.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:15
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remo...
CVE-2006-2789
- EPSS 2.08%
- Veröffentlicht 02.06.2006 22:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:47
Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-interne...
- EPSS 1.95%
- Veröffentlicht 10.03.2006 01:02:00
- Zuletzt bearbeitet 16.06.2026 22:19:46
GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml.
- EPSS 10.77%
- Veröffentlicht 02.02.2006 11:02:00
- Zuletzt bearbeitet 16.06.2026 22:20:46
The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, ...
CVE-2005-2550
- EPSS 4.43%
- Veröffentlicht 12.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:11
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user se...
CVE-2005-2549
- EPSS 4.43%
- Veröffentlicht 12.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:11
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task li...