Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Evolution-data-server | Go-evolution | * | 2.24.4 (including) |