Launchpad CVE tracker

CVE 2008-1108

Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attackers to execute arbitrary code via a long timezone string in an iCalendar attachment.

Related bugs and status

CVE-2008-1108 (Candidate) is related to these bugs:

Bug #237956: [CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows

		In	Importance	Status
237956	[CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows	evolution (Ubuntu)	Medium	Fix Released
237956	[CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows	evolution (Ubuntu Dapper)	Undecided	Fix Released
237956	[CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows	evolution (Ubuntu Feisty)	Undecided	Fix Released
237956	[CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows	evolution (Ubuntu Hardy)	Undecided	Fix Released
237956	[CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows	evolution (Ubuntu Gutsy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/sec...
SECUNIA: 30298
MANDRIVA: MDVSA-2008:111
REDHAT: RHSA-2008:0514
REDHAT: RHSA-2008:0515
REDHAT: RHSA-2008:0516
REDHAT: RHSA-2008:0517
SUSE: SUSE-SA:2008:028
UBUNTU: USN-615-1
BID: 29527
SECTRACK: 1020169
SECUNIA: 30571
SECUNIA: 30527
SECUNIA: 30536
GENTOO: GLSA-200806-06
SECUNIA: 30702
SECUNIA: 30716
FEDORA: FEDORA-2008-4990
FEDORA: FEDORA-2008-5016
FEDORA: FEDORA-2008-5018
SECUNIA: 30564
VUPEN: ADV-2008-1732
XF: evolution-icalendar-bo...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2008-1108

Related bugs and status

Related bugs

References