diff options
| author | Xin LI <delphij@FreeBSD.org> | 2007-06-25 10:57:52 +0000 |
|---|---|---|
| committer | Xin LI <delphij@FreeBSD.org> | 2007-06-25 10:57:52 +0000 |
| commit | f64828b3cfb0193dc16236a02f4ab8bc2d709027 (patch) | |
| tree | dfdc18aa371f69d7a0176b5a86f126c9378c4d87 /security/vuxml/vuln.xml | |
| parent | d84e5b7f1fa8e12b896333e67727291b87a23873 (diff) | |
| download | ports-f64828b3cfb0193dc16236a02f4ab8bc2d709027.tar.gz ports-f64828b3cfb0193dc16236a02f4ab8bc2d709027.zip | |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
| -rw-r--r-- | security/vuxml/vuln.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 26981bed0dcb..1ffc63a19f7e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="b1b5c125-2308-11dc-b91a-001921ab2fa4"> + <topic>evolution-data-server -- remote execution of arbitrary code vulnerability</topic> + <affects> + <package> + <name>evolution-data-server</name> + <range><lt>1.11.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Debian project reports:</p> + <blockquote cite="http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00082.html"> + <p>It was discovered that the IMAP code in the Evolution + Data Server performs insufficient sanitising of a value + later used an array index, which can lead to the execution + of arbitrary code.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2007-3257</cvename> + <url>http://secunia.com/advisories/25766/</url> + <url>http://bugzilla.gnome.org/show_bug.cgi?id=447414</url> + </references> + <dates> + <discovery>2007-06-23</discovery> + <entry>2007-06-25</entry> + </dates> + </vuln> + <vuln vid="d337b206-200f-11dc-a197-0011098b2f36"> <topic>xpcd -- buffer overflow</topic> <affects> |