FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

evolution-data-server -- remote execution of arbitrary code vulnerability

Affected packages
evolution-data-server < 1.10.2_1
1.11.* < evolution-data-server < 1.11.4

Details

VuXML ID b1b5c125-2308-11dc-b91a-001921ab2fa4
Discovery 2007-06-23
Entry 2007-06-25
Modified 2007-06-28

Debian project reports:

It was discovered that the IMAP code in the Evolution Data Server performs insufficient sanitising of a value later used an array index, which can lead to the execution of arbitrary code.

References

CVE Name CVE-2007-3257
URL http://bugzilla.gnome.org/show_bug.cgi?id=447414
URL http://secunia.com/advisories/25766/