|
|
>> Fedora Security Update Fixes Evolution-data-server Code Execution Vulnerability
|
Title : Fedora Security Update Fixes Evolution-data-server Code Execution Vulnerability
VUPEN ID : VUPEN/ADV-2007-2297
CVE ID : CVE-2007-3257
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-25
|
A vulnerability has been identified in Fedora, which could be exploited by attackers to execute arbitrary code. This issue is caused by an error in evolution-data-server. For additional information, see : VUPEN/ADV-2007-2282
Affected Products
Fedora Core 5
Fedora Core 6
Fedora 7
Solution
Upgrade the affected packages :
5e3ad08921d0ea0ffdc7217241e9e492938d9850 evolution-data-server-1.10.2-3.fc7.ppc64.rpm
f9a5df839896068bf1bf7d580c2ca0aabd6a1fe6 evolution-data-server-debuginfo-1.10.2-3.fc7.ppc64.rpm
6b7f72adf159c8bc0959a31acead9bbbeadc233b evolution-data-server-devel-1.10.2-3.fc7.ppc64.rpm
b221789027cf1bd3905890dcd385236e32b3d7fc evolution-data-server-devel-1.10.2-3.fc7.i386.rpm
6469b0c398286d2bd54026174cf5da278d8e9563 evolution-data-server-1.10.2-3.fc7.i386.rpm
2bb7be2f9de207e0421bddfccbea4898e2d5b38d evolution-data-server-debuginfo-1.10.2-3.fc7.i386.rpm
03305936ec156c8fa0d10cffbc9fc93a5a4127aa evolution-data-server-1.10.2-3.fc7.x86_64.rpm
5524916165aeaa11494538982dd759b9b91b5577 evolution-data-server-devel-1.10.2-3.fc7.x86_64.rpm
8cf8f7708068e85200b4df16d7d2c9e1ead60f21 evolution-data-server-debuginfo-1.10.2-3.fc7.x86_64.rpm
8ac61818458973564084bca23bdbfba99c3d64d6 evolution-data-server-devel-1.10.2-3.fc7.ppc.rpm
6bb580149a8ccc47eb0dbb061946b58115b32471 evolution-data-server-debuginfo-1.10.2-3.fc7.ppc.rpm
b5725dc8e251ade0d2527e02bec325bedeb4e2c7 evolution-data-server-1.10.2-3.fc7.ppc.rpm
91e2457a0ea815b4137d4d367bd7c3c7cdcdef41 evolution-data-server-1.10.2-3.fc7.src.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
8c9ccbd32878df146b16bac099d089601c177668 SRPMS/evolution-data-server-1.6.3-5.fc5.src.rpm
8c9ccbd32878df146b16bac099d089601c177668 noarch/evolution-data-server-1.6.3-5.fc5.src.rpm
5d029c9d3b25691ce4a0142dd21eadabb280db66 ppc/evolution-data-server-devel-1.6.3-5.fc5.ppc.rpm
3d23bd29e17cdb3b83621f80db705a324c1b1967 ppc/debug/evolution-data-server-debuginfo-1.6.3-5.fc5.ppc.rpm
fdcfde6a259cd60697891f6d075e02baa2a6e0e6 ppc/evolution-data-server-1.6.3-5.fc5.ppc.rpm
643179e8aff4f100b2d7d8e9bd4167b50f664611 x86_64/evolution-data-server-1.6.3-5.fc5.x86_64.rpm
deefb3937ed2b9bf37a168f6fd310911ff6bd575 x86_64/debug/evolution-data-server-debuginfo-1.6.3-5.fc5.x86_64.rpm
64afe4d537c18af4a8798f6bd741508974fbb6a9 x86_64/evolution-data-server-devel-1.6.3-5.fc5.x86_64.rpm
e407f8fb3693029e181b77a8e7ed28785ae0b486 i386/evolution-data-server-1.6.3-5.fc5.i386.rpm
392cbd96903ca5ed5d4ddebfc63c7a6563f8e9e7 i386/evolution-data-server-devel-1.6.3-5.fc5.i386.rpm
7cf4abeabd42ceb37669070066e8d5bb1b3fe47b i386/debug/evolution-data-server-debuginfo-1.6.3-5.fc5.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
44be4515e9eab5a3e3d94d497af9799284d4887c SRPMS/evolution-data-server-1.8.3-7.fc6.src.rpm
44be4515e9eab5a3e3d94d497af9799284d4887c noarch/evolution-data-server-1.8.3-7.fc6.src.rpm
67efaa0d2b17af6b624ce6463a9feb6929955b91 ppc/debug/evolution-data-server-debuginfo-1.8.3-7.fc6.ppc.rpm
63e9bf4f010ea42c546877975459592e9736fe10 ppc/evolution-data-server-devel-1.8.3-7.fc6.ppc.rpm
b86665ed3abfbd5d710ded16744fa31f73fdc218 ppc/evolution-data-server-1.8.3-7.fc6.ppc.rpm
fc2f4f47d5a1b5a9bba9e558e84fecf2d244e728 x86_64/evolution-data-server-devel-1.8.3-7.fc6.x86_64.rpm
a4aa6bcce3da1efc9b41032a69689b40d683d051 x86_64/debug/evolution-data-server-debuginfo-1.8.3-7.fc6.x86_64.rpm
193eeb012fbad3c9c9e27b165f2cddc1a35561be x86_64/evolution-data-server-1.8.3-7.fc6.x86_64.rpm
23592533872a0f9459858ef083f489bea92614bb i386/evolution-data-server-devel-1.8.3-7.fc6.i386.rpm
34efa81ec9698c4b19c274d13f74e3d61630bd38 i386/evolution-data-server-1.8.3-7.fc6.i386.rpm
f4e926b1f5eafac88e048fc66a5a3d73bd9e64a0 i386/debug/evolution-data-server-debuginfo-1.8.3-7.fc6.i386.rpm
References
http://www.vupen.com/english/advisories/2007/2297
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00297.html
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00626.html
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00627.html
ChangeLog
2007-06-25 : Initial release
2007-06-29 : Updated Solution
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
