CVE-2007-1002
published 2007-03-21CVE-2007-1002: Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | evolution | < evolution 2.10.2-1 (bookworm) | evolution 2.10.2-1 (bookworm) |
| evolution | shared_memo | — | — |
| gnome | evolution | >= 0 < 2.10.2-1 | 2.10.2-1 |
| gnome | evolution | >= 0 < 2.10.2-1 | 2.10.2-1 |
| gnome | evolution | >= 0 < 2.10.2-1 | 2.10.2-1 |
| gnome | evolution | >= 0 < 2.10.2-1 | 2.10.2-1 |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM