CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
76.2%
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | solaris | 11.2 | cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:* |
gnome | evolution | * | cpe:2.3:a:gnome:evolution:*:*:*:*:*:*:*:* |
gnome | evolution | 1.0.8 | cpe:2.3:a:gnome:evolution:1.0.8:*:*:*:*:*:*:* |
gnome | evolution | 1.2 | cpe:2.3:a:gnome:evolution:1.2:*:*:*:*:*:*:* |
gnome | evolution | 1.2.1 | cpe:2.3:a:gnome:evolution:1.2.1:*:*:*:*:*:*:* |
gnome | evolution | 1.2.2 | cpe:2.3:a:gnome:evolution:1.2.2:*:*:*:*:*:*:* |
gnome | evolution | 1.2.3 | cpe:2.3:a:gnome:evolution:1.2.3:*:*:*:*:*:*:* |
gnome | evolution | 1.2.4 | cpe:2.3:a:gnome:evolution:1.2.4:*:*:*:*:*:*:* |
gnome | evolution | 1.4 | cpe:2.3:a:gnome:evolution:1.4:*:*:*:*:*:*:* |
gnome | evolution | 1.4.3 | cpe:2.3:a:gnome:evolution:1.4.3:*:*:*:*:*:*:* |
rhn.redhat.com/errata/RHSA-2013-0516.html
www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
bugzilla.gnome.org/show_bug.cgi?id=657374
bugzilla.redhat.com/show_bug.cgi?id=733504
exchange.xforce.ibmcloud.com/vulnerabilities/82450
git.gnome.org/browse/evolution/commit/?id=0a478083fa31aec0059bc6feacc054226fe55b56
git.gnome.org/browse/evolution/commit/?id=588c410718068388f8ce0004a71c104a4c89cce3