Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Linux
  • Linux Kernel
Gnome
  • Evolution

Configuration 1 [-]

AND
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:*:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00003.html
http://secunia.com/advisories/29057 Vendor Advisory
http://secunia.com/advisories/29163 Vendor Advisory
http://secunia.com/advisories/29210 Vendor Advisory
http://secunia.com/advisories/29244 Vendor Advisory
http://secunia.com/advisories/29258 Vendor Advisory
http://secunia.com/advisories/29264 Vendor Advisory
http://secunia.com/advisories/29317 Vendor Advisory
http://secunia.com/advisories/30437 Vendor Advisory
http://secunia.com/advisories/30491 Vendor Advisory
http://secunia.com/secunia_research/2008-8/advisory/ Vendor Advisory
http://security.gentoo.org/glsa/glsa-200803-12.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0105
http://www.debian.org/security/2008/dsa-1512 Patch
http://www.kb.cert.org/vuls/id/512491 US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2008:063
http://www.redhat.com/support/errata/RHSA-2008-0177.html Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0178.html Vendor Advisory
http://www.securityfocus.com/archive/1/492684/100/0/threaded
http://www.securityfocus.com/bid/28102
http://www.securitytracker.com/id?1019540
http://www.ubuntu.com/usn/usn-583-1
http://www.vupen.com/english/advisories/2008/0768/references Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/41011
https://issues.rpath.com/browse/RPL-2310
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10701
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00190.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00195.html
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: flexera

Published: 2008-03-06T00:00:00

Updated: 2018-10-15T20:57:01

Reserved: 2008-01-03T00:00:00

Link: CVE-2008-0072

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2008-03-06T00:44:00.000

Modified: 2018-10-15T21:57:34.263

Link: CVE-2008-0072

JSON object: View

cve-icon Redhat Information

No data.

CWE