Mandriva Update For Evolution MDKSA-2007:136 (evolution) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A flaw in Evolution/evolution-data-server was found in how Evolution would process certain IMAP server messages. If a user were tricked into connecting to a malicious IMAP server, it was possible that arbitrary code could be executed with the privileges of the user using Evolution. Updated packages have been patched to prevent this issue.

Affected

evolution on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2007-3257
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:079 (postgresql)
Mandrake Security Advisory MDVSA-2009:127 (gaim)
Mandrake Security Advisory MDVSA-2009:170 (initscripts)
Mandrake Security Advisory MDVSA-2009:038 (blender)
Mandrake Security Advisory MDVSA-2009:122 (squirrelmail)

Mandriva Update for evolution MDKSA-2007:136 (evolution)

Take action and discover your vulnerabilities