CVE-2009-0587

Publication date 14 March 2009

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
evolution-data-server	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Fixed 1.12.1-0ubuntu2.1
	6.06 LTS dapper	Fixed 1.6.1-0ubuntu7.2

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-733-1
evolution-data-server vulnerability
16 March 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-0587