Debian Security Advisory 1325-1 - Ulf Harnhammer discovered that a format string vulnerability in the handling of shared calendars may allow the execution of arbitrary code. It was discovered that the IMAP code in the Evolution Data Server performs insufficient sanitizing of a value later used an array index, which can lead to the execution of arbitrary code.
68f3b62dbf023e6af4b70073b35b3629fbe220a2bf210b9990f274e68a88c888
Gentoo Linux Security Advisory GLSA 200706-02 - Ulf Harnhammar from Secunia Research has discovered a format string error in the write_html() function in the file calendar/gui/e-cal-component-memo-preview.c. Versions less than 2.8.3-r2 are affected.
71360f7d5a83f20506cb31ba8e95914f7f36eb539553e2c72ca0778680ff566f
Mandriva Linux Security Advisory - A format string error in the "write_html()" function in calendar/gui/ e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers.
303330030e6f55cb5e27b3158c57236a5547755445f23a98d029aeca2072f934
Ubuntu Security Notice 442-1 - Ulf Harnhammar of Secunia Research discovered that Evolution did not correctly handle format strings when displaying shared memos. If a remote attacker tricked a user into viewing a specially crafted shared memo, they could execute arbitrary code with user privileges.
ccb975c915aa2dbf1654fbfe92d6906c805529dcbf3633ffb4e490a2cee46a49
Secunia Research has discovered a vulnerability in Evolution, which can be exploited by malicious people to potentially compromise a vulnerable system. A format string error in the "write_html()" function in calendar/gui/ e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers. Evolution version 2.8.2.1 is affected. Other versions may also be affected.
041da7106d89467969e704e26924c8b857c84a03ce6cb4e5b2b92a09948ef4a5