what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2007.070

Mandriva Linux Security Advisory 2007.070
Posted Mar 28, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A format string error in the "write_html()" function in calendar/gui/ e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-1002
SHA-256 | 303330030e6f55cb5e27b3158c57236a5547755445f23a98d029aeca2072f934

Mandriva Linux Security Advisory 2007.070

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2007:070
http://www.mandriva.com/security/
_______________________________________________________________________

Package : evolution
Date : March 27, 2007
Affected: 2007.0
_______________________________________________________________________

Problem Description:

A format string error in the "write_html()" function in calendar/gui/
e-cal-component-memo-preview.c when displaying a memo's categories can
potentially be exploited to execute arbitrary code via a specially
crafted shared memo containing format specifiers.

Updated packages have been patched to address this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1002
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
ffbaf535dcc8aad7e4d99e9e238d1ed0 2007.0/i586/evolution-2.8.0-1.1mdv2007.0.i586.rpm
b475a91bffa1bbfef44d5928ad98f76f 2007.0/i586/evolution-devel-2.8.0-1.1mdv2007.0.i586.rpm
1c3f8129b6ff5336b7ef7cc8e47034a8 2007.0/i586/evolution-mono-2.8.0-1.1mdv2007.0.i586.rpm
b34eb079ba555c29d9be2807d729b4f3 2007.0/i586/evolution-pilot-2.8.0-1.1mdv2007.0.i586.rpm
4012d73f8f6c7fc1ddb5eb326cad2c7a 2007.0/SRPMS/evolution-2.8.0-1.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
9803e86f2add5fc6fa81e35d44cf0696 2007.0/x86_64/evolution-2.8.0-1.1mdv2007.0.x86_64.rpm
b5b4cf59932bd01169f1d76e90be2201 2007.0/x86_64/evolution-devel-2.8.0-1.1mdv2007.0.x86_64.rpm
f382c0033a4ff0f9c3e48235dbf712f8 2007.0/x86_64/evolution-mono-2.8.0-1.1mdv2007.0.x86_64.rpm
737c4f2a2708d06d1dbf7a2379eb56f8 2007.0/x86_64/evolution-pilot-2.8.0-1.1mdv2007.0.x86_64.rpm
4012d73f8f6c7fc1ddb5eb326cad2c7a 2007.0/SRPMS/evolution-2.8.0-1.1mdv2007.0.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGCQmRmqjQ0CJFipgRAuQOAJ9ff46OmdV//gV9Qfu2Q76qZsRkygCgzHrw
RySRUTo4vymnxdlcLkTwqVU=
=j0iK
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close