Mandriva Linux Security Advisory : evolution (MDVSA-2008:111)
Severity: High
Nessus Plugin ID: 37236

Synopsis
The remote Mandriva Linux host is missing one or more security updates.

Description
Alan Rad Pop of Secunia Research discovered the following two vulnerabilities in Evolution:
Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the Itip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or potentially execute arbitrary code with the user's privileges (CVE-2008-1108).
Evolution also did not properly validate the DESCRIPTION field when processing iCalendar attachments. If a user were tricked into accepting a crafted iCalendar attachment and replied to it from the calendar window, an attacker could cause a denial of service or potentially execute arbitrary code with the user's privileges (CVE-2008-1109).
In addition, Matej Cepl found that Evolution did not properly validate date fields when processing iCalendar attachments, which could lead to a denial of service if the user viewed a crafted iCalendar attachment with the Itip Formatter plugin disabled.
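The three findings above share one root cause: iCalendar attachment fields (timezone references, the DESCRIPTION text, and DATE/DATE-TIME values) were consumed without being checked against the format first. The validator below is an added illustration of the classes of checks a mail client should apply before rendering or replying to an invitation. It is not Evolution's parser and it does not reproduce the crafted attachments behind these CVEs, which the advisory does not describe; the length cap, the set of checked properties and both sample calendars are constructed for this example.

```python
import re
from datetime import datetime

# Limits and formats below are assumptions for this example, not Evolution settings.
MAX_DESCRIPTION = 4096
DATE_PROPS = {"DTSTART", "DTEND", "DTSTAMP", "DUE"}
ESCAPES = {"n": "\n", "N": "\n", "\\": "\\", ",": ",", ";": ";"}
LINE_RE = re.compile(r"^([A-Za-z0-9-]+)((?:;[A-Za-z0-9-]+=[^:;]*)*):(.*)$")
FORMATS = {"DATE": (r"\d{8}", "%Y%m%d"), "DATE-TIME": (r"\d{8}T\d{6}Z?", "%Y%m%dT%H%M%S")}

def unfold(text):
    # A content line starting with SPACE or TAB continues the previous line (RFC 5545 folding).
    lines = []
    for raw in text.replace("\r\n", "\n").split("\n"):
        if raw[:1] in (" ", "\t") and lines:
            lines[-1] += raw[1:]
        elif raw:
            lines.append(raw)
    return lines

def parse_line(line):
    # 'NAME;PARAM=VAL:VALUE' -> (NAME, {PARAM: VAL}, VALUE); None if malformed.
    # Quoted parameter values containing ':' or ';' are rejected here for brevity.
    m = LINE_RE.match(line)
    if not m:
        return None
    params = dict(p.split("=", 1) for p in m.group(2).split(";")[1:])
    return m.group(1).upper(), {k.upper(): v for k, v in params.items()}, m.group(3)

def validate_text(value):
    # TEXT may use only the escapes in ESCAPES, no raw control characters, bounded length.
    out, i = [], 0
    while i < len(value):
        ch = value[i]
        if ch == "\\":
            if i + 1 >= len(value) or value[i + 1] not in ESCAPES:
                return "bad escape sequence"
            out.append(ESCAPES[value[i + 1]])
            i += 2
            continue
        if ord(ch) < 0x20 and ch != "\t":
            return "control character"
        out.append(ch)
        i += 1
    return "exceeds %d characters" % MAX_DESCRIPTION if len(out) > MAX_DESCRIPTION else None

def validate_date(value, params):
    # DATE is YYYYMMDD, DATE-TIME is YYYYMMDDTHHMMSS[Z]; both must be real calendar dates.
    vtype = params.get("VALUE", "DATE-TIME").upper()
    pattern, fmt = FORMATS.get(vtype, (None, None))
    if pattern is None or not re.fullmatch(pattern, value):
        return "malformed or unknown %s" % vtype
    if value.endswith("Z"):
        if "TZID" in params:
            return "UTC value must not carry a TZID"
        fmt += "Z"
    try:
        datetime.strptime(value, fmt)
    except ValueError:
        return "not a real calendar date"
    return None

def validate_calendar(text):
    # Returns a list of error strings for an iCalendar body; an empty list means it passed.
    lines = unfold(text)
    parsed = [parse_line(line) for line in lines]
    errors = ["unparsable line: %r" % l[:40] for l, p in zip(lines, parsed) if p is None]
    parsed = [p for p in parsed if p is not None]
    # A TZID parameter may only reference a TZID defined by a VTIMEZONE component
    # (this example does not check that the TZID property actually sits inside one).
    defined_tz = {value for name, _, value in parsed if name == "TZID"}
    for name, params, value in parsed:
        if "TZID" in params and params["TZID"] not in defined_tz:
            errors.append("%s references undefined TZID %r" % (name, params["TZID"]))
        err = None
        if name in DATE_PROPS:
            err = validate_date(value, params)
        elif name == "DESCRIPTION":
            err = validate_text(value)
        if err:
            errors.append("%s: %s" % (name, err))
    return errors

# Constructed samples: a well-formed invitation, and one with all three field classes broken.
GOOD_ICS = """BEGIN:VCALENDAR
BEGIN:VTIMEZONE
TZID:Europe/Paris
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=Europe/Paris:20080602T090000
DESCRIPTION:Weekly sync\\, bring notes
END:VEVENT
END:VCALENDAR
"""
BAD_ICS = """BEGIN:VCALENDAR
BEGIN:VEVENT
DTSTART;TZID=Nowhere/Invalid:20081399T990000
DESCRIPTION:""" + "A" * (MAX_DESCRIPTION + 1) + """
END:VEVENT
END:VCALENDAR
"""
```

Running validate_calendar over BAD_ICS yields three errors (an undefined timezone reference, a DTSTART that is not a real date, and an oversized DESCRIPTION), while GOOD_ICS passes cleanly. The point of the design is that every check runs before any field is handed to rendering or reply code, and that failures are reported as data rather than raised from deep inside the parser.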
Mandriva Linux has the Itip Formatter plugin enabled by default.
The updated packages have been patched to prevent these issues.
Solution
Update the affected packages.