Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.58412
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0509
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0509.

Evolution is the GNOME collection of personal information management (PIM)
tools.

A flaw was found in the way Evolution processes certain IMAP server
messages. If a user can be tricked into connecting to a malicious IMAP
server it may be possible to execute arbitrary code as the user running
evolution. (CVE-2007-3257)

All users of Evolution should upgrade to these updated packages, which
contain a backported patch which resolves this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0509.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : High

CVSS Score:
6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3257
BugTraq ID: 24567
http://www.securityfocus.com/bid/24567
Bugtraq: 20070615 rPSA-2007-0122-1 evolution-data-server (Google Search)
http://www.securityfocus.com/archive/1/471455/100/0/threaded
Debian Security Information: DSA-1321 (Google Search)
http://www.debian.org/security/2007/dsa-1321
Debian Security Information: DSA-1325 (Google Search)
http://www.debian.org/security/2007/dsa-1325
http://www.gentoo.org/security/en/glsa/glsa-200707-03.xml
http://security.gentoo.org/glsa/glsa-200711-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:136
http://bugzilla.gnome.org/show_bug.cgi?id=447414
http://mail.gnome.org/archives/evolution-hackers/2007-June/msg00064.html
http://osvdb.org/37489
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11724
http://www.redhat.com/support/errata/RHSA-2007-0509.html
http://www.redhat.com/support/errata/RHSA-2007-0510.html
http://www.securitytracker.com/id?1018284
http://secunia.com/advisories/25765
http://secunia.com/advisories/25766
http://secunia.com/advisories/25774
http://secunia.com/advisories/25777
http://secunia.com/advisories/25793
http://secunia.com/advisories/25798
http://secunia.com/advisories/25843
http://secunia.com/advisories/25880
http://secunia.com/advisories/25894
http://secunia.com/advisories/25906
http://secunia.com/advisories/25958
http://secunia.com/advisories/26083
SGI Security Advisory: 20070602-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
SuSE Security Announcement: SUSE-SA:2007:042 (Google Search)
http://www.novell.com/linux/security/advisories/2007_42_evolution.html
SuSE Security Announcement: SUSE-SR:2007:014 (Google Search)
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://www.ubuntu.com/usn/usn-475-1
http://www.vupen.com/english/advisories/2007/2282
XForce ISS Database: gnome-imaprescan-code-execution(34964)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34964
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.