Vulnerability in Evolution mail client
Security services provider Secunia has reported that crafted memos could be hazardous for PCs belonging to users of open source mail client Evolution. According to the report, the memo preview feature contains a format string vulnerability which could be used by an attacker to inject code onto a victim's computer using manipulated memos. The bug is in the write_html() function in the calendar/gui/e-cal-component-memo-preview.c module for displaying memo categories. According to Secunia, a victim needs to open a shared memo in their mailbox and switch to memo view - the bug does not apparently occur in mailbox view, as the category view is unavailable.
The bug has been confirmed in version 126.96.36.199 and other versions are probably also vulnerable. According to the advisory, the Linux distributors have been informed of the bug and bug-fixed versions should be being released soon. Until then, users should proceed with caution when viewing shared memos.
- Evolution Shared Memo Categories Format String Vulnerability, security advisory from Secunia