CVE-2005-2549

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/08/2005
Last modified:
03/04/2025

Description

Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gnome:evolution:1.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:2.3.6.1:*:*:*:*:*:*:*