Gnome Evolution GnuPG Arbitrary Content Injection Vulnerability
BID:22760
Info
| Bugtraq ID: | 22760 |
| Class: | Design Error |
| CVE: | CVE-2007-1266 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 05 2007 12:00AM |
| Updated: | Mar 06 2007 06:35PM |
| Credit: | This vulnerability was found by Gerardo Richarte from Core Security Technologies. |
| Vulnerable: | GNOME Evolution 2.8.1, GNOME Evolution 2.3.7, GNOME Evolution 2.3.6.1, GNOME Evolution 2.3.6, GNOME Evolution 2.3.5, GNOME Evolution 2.3.4, GNOME Evolution 2.3.3, GNOME Evolution 2.3.2, GNOME Evolution 2.3.1, GNOME Evolution 2.2.3, GNOME Evolution 2.2.1, GNOME Evolution 2.2, GNOME Evolution 2.1, GNOME Evolution 2.0.4, GNOME Evolution 2.0.1, GNOME Evolution 2.0, GNOME Evolution 1.5, GNOME Evolution 1.0.5 |
| Not Vulnerable: | |
Discussion
Evolution is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing.
An attacker may be able to exploit this issue to add arbitrary content into a GnuPG signed and/or encrypted message.
This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that Evolution uses GnuPG.
This issue affects KMail versions prior to and including 2.8.1.
Exploit / POC
The reporter of this issue has supplied multiple proof-of-concept examples demonstrating this issue. Please see the attached advisory for further information.
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
References:
- Evolution Product Page (GNOME)
- GnuPG Homepage (GnuPG)
- Impacket library (Core Security)
- CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability (CORE Security Technologies Advisories)