CVE-2009-0587
Published: 14 March 2009
Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel.
Priority
Status
Package | Release | Status |
---|---|---|
evolution-data-server Launchpad, Ubuntu, Debian |
dapper |
Released
(1.6.1-0ubuntu7.2)
|
gutsy |
Released
(1.12.1-0ubuntu2.1)
|
|
hardy |
Not vulnerable
(code not present)
|
|
intrepid |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|