VDB
CVE-2008-1109
CVE-2008-1109
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
EPSS 4.24% · 89.0th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
4.24%
89.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| gnome | evolution | 2.22.1 |
| n/a | n/a | n/a |
Exploit Intelligence
- FEDORA-2008-5018 (circl)
- ADV-2008-1732 (circl)
- 30298 (circl)
- FEDORA-2008-5016 (circl)
- 30564 (circl)
- SUSE-SA:2008:028 (circl)
- RHSA-2008:0515 (circl)
- GLSA-200806-06 (circl)
- 30571 (circl)
- FEDORA-2008-4990 (circl)
…and 11 more exploits
Timeline
- Jun 4, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- FEDORA-2008-5018 vendor-advisory
- ADV-2008-1732 vdb
- 30298 third-party-advisory
- FEDORA-2008-5016 vendor-advisory
- 30564 third-party-advisory
- SUSE-SA:2008:028 vendor-advisory
- RHSA-2008:0515 vendor-advisory
- GLSA-200806-06 vendor-advisory
- 30571 third-party-advisory
- FEDORA-2008-4990 vendor-advisory
- evolution-icalendar-description-bo(42826) vdb
- http://www.securityfocus.com/bid/29527 technical
- 1020170 vdb
- http://secunia.com/secunia_research/2008-23/advisory/ url
- RHSA-2008:0514 vendor-advisory
- 30716 third-party-advisory
- 30527 third-party-advisory
- 30702 third-party-advisory
- MDVSA-2008:111 vendor-advisory
- oval:org.mitre.oval:def:10337 vdb
…and 3 more