CVE-2011-3201

EUVD-2011-3165
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
oraclesolaris
11.2
gnomeevolution
𝑥
≤ 3.0.3
gnomeevolution
1.0.8
gnomeevolution
1.2
gnomeevolution
1.2.1
gnomeevolution
1.2.2
gnomeevolution
1.2.3
gnomeevolution
1.2.4
gnomeevolution
1.4
gnomeevolution
1.4.3
gnomeevolution
1.4.4
gnomeevolution
1.4.5
gnomeevolution
1.4.6
gnomeevolution
1.5
gnomeevolution
1.11
gnomeevolution
2.0
gnomeevolution
2.0.0
gnomeevolution
2.0.1
gnomeevolution
2.0.2
gnomeevolution
2.1
gnomeevolution
2.2
gnomeevolution
2.2.1
gnomeevolution
2.3.1
gnomeevolution
2.3.2
gnomeevolution
2.3.3
gnomeevolution
2.3.4
gnomeevolution
2.3.5
gnomeevolution
2.3.6
gnomeevolution
2.3.6.1
gnomeevolution
2.3.7
gnomeevolution
2.4
gnomeevolution
2.4.2.1
gnomeevolution
2.6
gnomeevolution
2.8.1
gnomeevolution
2.10.3
gnomeevolution
2.12
gnomeevolution
2.12.3
gnomeevolution
2.22.1
gnomeevolution
2.22.3
gnomeevolution
2.24
gnomeevolution
2.24.5
gnomeevolution
2.26.1
gnomeevolution
2.26.3
gnomeevolution
2.28.3.1
gnomeevolution
2.30.3
gnomeevolution
2.32.3
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
evolution
bookworm
unimportant
bullseye
unimportant
bullseye (security)
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
evolution
precise
not-affected
trusty
dne
xenial
not-affected
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2013-0516.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
https://bugzilla.gnome.org/show_bug.cgi?id=657374
https://bugzilla.redhat.com/show_bug.cgi?id=733504
https://exchange.xforce.ibmcloud.com/vulnerabilities/82450
https://git.gnome.org/browse/evolution/commit/?id=0a478083fa31aec0059bc6feacc054226fe55b56
https://git.gnome.org/browse/evolution/commit/?id=588c410718068388f8ce0004a71c104a4c89cce3
http://rhn.redhat.com/errata/RHSA-2013-0516.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
https://bugzilla.gnome.org/show_bug.cgi?id=657374
https://bugzilla.redhat.com/show_bug.cgi?id=733504
https://exchange.xforce.ibmcloud.com/vulnerabilities/82450
https://git.gnome.org/browse/evolution/commit/?id=0a478083fa31aec0059bc6feacc054226fe55b56
https://git.gnome.org/browse/evolution/commit/?id=588c410718068388f8ce0004a71c104a4c89cce3