Format String Vulnerability in Evolution Email Client by Novell
CVE-2008-0072

Currently unrated

Key Information:

Vendor

Gnome
Status
Evolution
Vendor
CVE Published:
6 March 2008

What is CVE-2008-0072?

A format string vulnerability exists within the emf_multipart_encrypted function of Evolution, allowing remote attackers to execute arbitrary code. This occurs through the manipulation of crafted encrypted messages, particularly exploiting the Version field. Users of affected versions are advised to update to the latest version to mitigate risks associated with this vulnerability.

References

http://secunia.com/advisories/29258
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29163
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1512
vendor-advisoryx_refsource_DEBIAN

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.