Evolution Vulnerability

Application: Evolution 2.22.2
S: Linux - Ubuntu 8.04

1 - Description
2 - Vulnerability
3 - PC/EXPLIT



Description

Evolution is an email client that is built with ubuntu.



Vulnerability


The vulnerability works when mail is sent and specially armed with html code, this causes the client to break.

Analyzing with a debugger, you can see the failure with the following function.


0xb7a219d7 in html_engine_get_view_width () from /usr/lib/libgtkhtml-3.14.so.19



PC/EXPLIT


The proof of concept can be done locally,
when you save the following code in a html file and then load it into an e-mail from the new option "insert" and "html file",
as that could verify the client is broken.

<IFRAME SRC="A"></IFRAME>
<FRAMESET><FRAME SRC="A"></FRAMESET>


Juan Pablo Lopez Yacubian