CentOS Update For Evolution CESA-2008:0516 Centos4 X86_64 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Evolution is the integrated collection of e-mail, calendaring, contact management, communications and personal information management (PIM) tools for the GNOME desktop environment. A flaw was found in the way Evolution parsed iCalendar timezone attachment data. If mail which included a carefully crafted iCalendar attachment was opened, arbitrary code could be executed as the user running Evolution. (CVE-2008-1108) Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue. All users of Evolution should upgrade to these updated packages, which contains a backported patch which resolves this issue.

Affected

evolution on CentOS 4

References

http://lists.centos.org/pipermail/centos-announce/2008-June/014968.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-1108

CVSS	Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CentOS Security Advisory CESA-2009:1209 (curl)
CentOS Security Advisory CESA-2009:0275 (imap)
CentOS Security Advisory CESA-2009:1218 (pidgin)
CentOS Security Advisory CESA-2009:0005 (gnome-vfs2)
CentOS Security Advisory CESA-2009:0449 (firefox)

CentOS Update for evolution CESA-2008:0516 centos4 x86_64

Take action and discover your vulnerabilities