icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Ximian Evolution < 2.3.8 Inline XML Content-parsing Overflow

Medium

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running a version of the Ximian Evolution email client that does not properly parse user-supplied data. Specifically, this version of Evolution is reported to be vulnerable to a flaw in the way that it handles inline XML attachments. A remote attacker can craft an email message such that, upon opening, Evolution crashes or executes arbitrary code.

Solution

Upgrade to version 2.3.8 or higher.