Oval Definition:oval:org.opensuse.security:def:20081109
Revision Date:2022-06-30Version:1
Title:CVE-2008-1109
Description:

Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-1109
Mitre CVE-2008-1109
SUSE CVE-2008-1109
SUSE-SA:2008:028
SUSE-SA:2008:028
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
openSUSE 10.3
openSUSE 11.0
openSUSE Tumbleweed
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • sles10-sp2-sdk is installed
  • AND Package Information
  • evolution-devel less than 2.6.0-49.79
  • OR evolution-pilot less than 2.6.0-49.79
  • OR evolution less than 2.6.0-49.79
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • evolution-2.28.2-0.30 is installed
  • OR evolution-devel-2.28.2-0.30 is installed
  • OR evolution-lang-2.28.2-0.30 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • evolution-3.40.4-1.4 is installed
  • OR evolution-devel-3.40.4-1.4 is installed
  • OR evolution-lang-3.40.4-1.4 is installed
  • OR evolution-plugin-bogofilter-3.40.4-1.4 is installed
  • OR evolution-plugin-pst-import-3.40.4-1.4 is installed
  • OR evolution-plugin-spamassassin-3.40.4-1.4 is installed
  • OR evolution-plugin-text-highlight-3.40.4-1.4 is installed
  • OR glade-catalog-evolution-3.40.4-1.4 is installed
    • BACK