Mandriva Linux Security Advisory : evolution (MDVSA-2008:111)

high Nessus Plugin ID 37236

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Alan Rad Pop of Secunia Research discovered the following two vulnerabilities in Evolution :

Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the Itip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or potentially execute arbitrary code with the user's privileges (CVE-2008-1108).

Evolution also did not properly validate the DESCRIPTION field when processing iCalendar attachments. If a user were tricked into accepting a crafted iCalendar attachment and replied to it from the calendar window, an attacker could cause a denial of service or potentially execute arbitrary code with the user's privileges (CVE-2008-1109).

In addition, Matej Cepl found that Evolution did not properly validate date fields when processing iCalendar attachments, which could lead to a denial of service if the user viewed a crafted iCalendar attachment with the Itip Formatter plugin disabled.

Mandriva Linux has the Itip Formatter plugin enabled by default.

The updated packages have been patched to prevent these issues.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 37236

File Name: mandriva_MDVSA-2008-111.nasl

Version: 1.14

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:evolution, p-cpe:/a:mandriva:linux:evolution-devel, p-cpe:/a:mandriva:linux:evolution-mono, p-cpe:/a:mandriva:linux:evolution-pilot, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2008.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 6/10/2008

Reference Information

CVE: CVE-2008-1108, CVE-2008-1109

CWE: 119

MDVSA: 2008:111