CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
91.0%
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | evolution | < 2.12.0-1 | evolution_2.12.0-1_all.deb |
Debian | 11 | all | evolution | < 2.12.0-1 | evolution_2.12.0-1_all.deb |
Debian | 999 | all | evolution | < 2.12.0-1 | evolution_2.12.0-1_all.deb |
Debian | 13 | all | evolution | < 2.12.0-1 | evolution_2.12.0-1_all.deb |
Debian | 12 | all | evolution-data-server | < 1.10.2-2 | evolution-data-server_1.10.2-2_all.deb |
Debian | 11 | all | evolution-data-server | < 1.10.2-2 | evolution-data-server_1.10.2-2_all.deb |
Debian | 999 | all | evolution-data-server | < 1.10.2-2 | evolution-data-server_1.10.2-2_all.deb |
Debian | 13 | all | evolution-data-server | < 1.10.2-2 | evolution-data-server_1.10.2-2_all.deb |