Ubuntu Security Notice USN-166-1 - Ulf Harnhammar disovered several format string vulnerabilities in Evolution. By tricking an user into viewing a specially crafted vCard attached to an email, specially crafted contact data from an LDAP server, specially crafted task lists from remote servers, or saving Calendar entries with this malicious task list data, it was possible for an attacker to execute arbitrary code with the privileges of the user running Evolution.
adfe66c8078c6dbe77c997fba762f467536084c5390318202428571511bf8028