Vulnerability Description
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
CVSS Score
6.8
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnome | Evolution | 1.11 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
- http://bugzilla.gnome.org/show_bug.cgi?id=447414
- http://mail.gnome.org/archives/evolution-hackers/2007-June/msg00064.html
- http://osvdb.org/37489
- http://secunia.com/advisories/25765
- http://secunia.com/advisories/25766
- http://secunia.com/advisories/25774
- http://secunia.com/advisories/25777
- http://secunia.com/advisories/25793
- http://secunia.com/advisories/25798
- http://secunia.com/advisories/25843
- http://secunia.com/advisories/25880
- http://secunia.com/advisories/25894
- http://secunia.com/advisories/25906
- http://secunia.com/advisories/25958
FAQ
What is CVE-2007-3257?
CVE-2007-3257 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an arra...
How severe is CVE-2007-3257?
CVE-2007-3257 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3257?
Check the references section above for vendor advisories and patch information. Affected products include: Gnome Evolution.