search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

GNOME Evolution format string vulnerability

Vulnerability Note VU#512491

Original Release Date: 2008-03-07 | Last Revised: 2008-03-07

Overview

The GNOME Evolution mail client contains a format string vulnerability that may allow an attacker to execute code.

Description

Evolution is the default mail client for the GNOME desktop environment. Evolution supports both GPG and S/MIME mail encryption.

From Secunia Advisory SA29057:
A format string error in the "emf_multipart_encrypted()" function in mail/em-format.c when displaying data (e.g. the "Version:" field) from an encrypted e-mail message can be exploited to execute arbitrary code via a specially crafted e-mail message.

Successful exploitation requires that the user selects a malicious e-mail message.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary code or cause Evolution to crash.

Solution

Upgrade

The Evolution team has released a patch to address this issue. See GNOME Bug 520745 for more information. Users and administrators who do not compile Evolution from source should obtain fixed software from their operating system vendor.

Vendor Information

512491
 
Expand all

Debian GNU/Linux Affected

Updated:  March 07, 2008

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

GNOME Affected

Updated:  March 07, 2008

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

See http://bugzilla.gnome.org/show_bug.cgi?id=520745 for more details.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Gentoo Linux Affected

Updated:  March 07, 2008

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

See http://www.gentoo.org/security/en/glsa/glsa-200803-12.xml for more details.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Red Hat, Inc. Affected

Updated:  March 07, 2008

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

See https://rhn.redhat.com/errata/RHSA-2008-0177.html for more information.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Ubuntu Affected

Updated:  March 07, 2008

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

See http://www.ubuntu.com/usn/usn-583-1 for more information.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was made public by Ulf Harnhammar of Secunia Research.

This document was written by Ryan Giobbi.

Other Information

CVE IDs: CVE-2008-0072
Severity Metric: 1.80
Date Public: 2008-03-05
Date First Published: 2008-03-07
Date Last Updated: 2008-03-07 14:46 UTC
Document Revision: 23

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis