VUPEN Security - Fedora Security Update Fixes Evolution Shared Memos Format String Vulnerability / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Malware Advisories

Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Fedora Security Update Fixes Evolution Shared Memos Format String Vulnerability

Title : Fedora Security Update Fixes Evolution Shared Memos Format String Vulnerability
VUPEN ID : VUPEN/ADV-2007-1289
CVE ID : CVE-2007-1002
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-04-09

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Fedora has released security updates to address a vulnerability identified in Evolution. This issue could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2007-1058

Affected Products

Fedora Core 5
Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

86b2b80ae1fa4df610ae01a30d4e113f7c629548 SRPMS/evolution-2.6.3-2.fc5.src.rpm
86b2b80ae1fa4df610ae01a30d4e113f7c629548 noarch/evolution-2.6.3-2.fc5.src.rpm
7822ba6e91d839c66e638c4130bcb1b6d9ccb1cf ppc/evolution-devel-2.6.3-2.fc5.ppc.rpm
036d3ad4be94d75dbaf105e410912dd02428b390 ppc/evolution-2.6.3-2.fc5.ppc.rpm
8f4ef58dc1a5915d981a6de4be3dda1add096397 ppc/debug/evolution-debuginfo-2.6.3-2.fc5.ppc.rpm
92963eeedfb1870dc36820f8149ec62a845ac3ee x86_64/evolution-2.6.3-2.fc5.x86_64.rpm
7795f09e5159aa2aaef19da9b103e6b37a123aac x86_64/debug/evolution-debuginfo-2.6.3-2.fc5.x86_64.rpm
5c99f30e04c86d27c7fd7582abef0e577ec8d131 x86_64/evolution-devel-2.6.3-2.fc5.x86_64.rpm
e7fa54bd487227a8451592aa7031f54f30249f75 i386/debug/evolution-debuginfo-2.6.3-2.fc5.i386.rpm
1a55bf5eff254f665aca9f4688838bf4a2ccb9a8 i386/evolution-devel-2.6.3-2.fc5.i386.rpm
d569b81757845e0b941752b768b5fcfd9d534e64 i386/evolution-2.6.3-2.fc5.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

f0f3c4a7d5d16df7ddafd08bba14e8fadafa25f6 SRPMS/evolution-2.8.3-2.fc6.src.rpm
f0f3c4a7d5d16df7ddafd08bba14e8fadafa25f6 noarch/evolution-2.8.3-2.fc6.src.rpm
986e4976ea1950a6f211e8c4f9a2842222638444 ppc/evolution-2.8.3-2.fc6.ppc.rpm
d7df2f9125da9d316f4b19460cdd77edc26ba93b ppc/evolution-devel-2.8.3-2.fc6.ppc.rpm
f91481176b34643e4c39f301b795c350d3610306 ppc/debug/evolution-debuginfo-2.8.3-2.fc6.ppc.rpm
ff7dfbffd37f4f8d89e7ddba1f57852d5f7bea25 x86_64/debug/evolution-debuginfo-2.8.3-2.fc6.x86_64.rpm
adbbfcedabe5a1bf3153b17827717901b687e6cd x86_64/evolution-devel-2.8.3-2.fc6.x86_64.rpm
4855d88dd67ac683de6239fca4f7a7eaa905d6aa x86_64/evolution-2.8.3-2.fc6.x86_64.rpm
73ce0e247c5f53fd66dad1f5b4f993f39ce2a345 i386/evolution-devel-2.8.3-2.fc6.i386.rpm
a68bd20c0b01e8a099fcb14f680b0fdb7deaba69 i386/debug/evolution-debuginfo-2.8.3-2.fc6.i386.rpm
8e2055a7376fc23d45364d08bf38de877dcc0fba i386/evolution-2.8.3-2.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/1289
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00014.html
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00013.html

ChangeLog

2007-04-09 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Vulnerability Alerting

Free 14-Day Trial

Latest News

>> 2009-07-06

Microsoft Windows 0-Day
Flaw Exploited in the Wild

>> 2009-06-10

VUPEN Security Research
Discovered Critical Flaws
in Adobe Acrobat and MS
Office Word

>> 2009-06-02

VUPEN Security Research
Discovered Critical Flaws
in ACDSee Products

>> 2009-05-22

VUPEN Discovered Two
Critical Vulnerabilities in
Novell GroupWise 8 / 7

More Informations