CVE-2011-3201 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 74%

Affected Products (NVD)

Vendor	Product	Version
oracle	solaris	11.2
gnome	evolution	𝑥 ≤ 3.0.3
gnome	evolution	1.0.8
gnome	evolution	1.2
gnome	evolution	1.2.1
gnome	evolution	1.2.2
gnome	evolution	1.2.3
gnome	evolution	1.2.4
gnome	evolution	1.4
gnome	evolution	1.4.3
gnome	evolution	1.4.4
gnome	evolution	1.4.5
gnome	evolution	1.4.6
gnome	evolution	1.5
gnome	evolution	1.11
gnome	evolution	2.0
gnome	evolution	2.0.0
gnome	evolution	2.0.1
gnome	evolution	2.0.2
gnome	evolution	2.1
gnome	evolution	2.2
gnome	evolution	2.2.1
gnome	evolution	2.3.1
gnome	evolution	2.3.2
gnome	evolution	2.3.3
gnome	evolution	2.3.4
gnome	evolution	2.3.5
gnome	evolution	2.3.6
gnome	evolution	2.3.6.1
gnome	evolution	2.3.7
gnome	evolution	2.4
gnome	evolution	2.4.2.1
gnome	evolution	2.6
gnome	evolution	2.8.1
gnome	evolution	2.10.3
gnome	evolution	2.12
gnome	evolution	2.12.3
gnome	evolution	2.22.1
gnome	evolution	2.22.3
gnome	evolution	2.24
gnome	evolution	2.24.5
gnome	evolution	2.26.1
gnome	evolution	2.26.3
gnome	evolution	2.28.3.1
gnome	evolution	2.30.3
gnome	evolution	2.32.3
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_workstation	6.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

evolution

bookworm	unimportant
bullseye	unimportant
bullseye (security)	unimportant
sid	unimportant
trixie	unimportant

Ubuntu Releases

Ubuntu Product

Codename

evolution

precise	not-affected
trusty	dne
xenial	not-affected

Red Hat Enterprise Linux Releases

Red Hat Product

Release

evolution

RHEL 6

0:2.28.3-30.el6

fixed

evolution-conduits

RHEL 6

0:2.28.3-30.el6

fixed

evolution-devel

RHEL 6

0:2.28.3-30.el6

fixed

evolution-help

RHEL 6

0:2.28.3-30.el6

fixed

evolution-perl

RHEL 6

0:2.28.3-30.el6

fixed

evolution-pst

RHEL 6

0:2.28.3-30.el6

fixed

evolution-spamassassin

RHEL 6

0:2.28.3-30.el6

fixed

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://rhn.redhat.com/errata/RHSA-2013-0516.html

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

https://bugzilla.gnome.org/show_bug.cgi?id=657374

https://bugzilla.redhat.com/show_bug.cgi?id=733504

https://exchange.xforce.ibmcloud.com/vulnerabilities/82450

https://git.gnome.org/browse/evolution/commit/?id=0a478083fa31aec0059bc6feacc054226fe55b56

https://git.gnome.org/browse/evolution/commit/?id=588c410718068388f8ce0004a71c104a4c89cce3

http://rhn.redhat.com/errata/RHSA-2013-0516.html

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

https://bugzilla.gnome.org/show_bug.cgi?id=657374

https://bugzilla.redhat.com/show_bug.cgi?id=733504

https://exchange.xforce.ibmcloud.com/vulnerabilities/82450

https://git.gnome.org/browse/evolution/commit/?id=0a478083fa31aec0059bc6feacc054226fe55b56

https://git.gnome.org/browse/evolution/commit/?id=588c410718068388f8ce0004a71c104a4c89cce3