CVE-2011-3201

2013-03-0821:55:01

Debian Security Bug Tracker

security-tracker.debian.org

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.3%

JSON

GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.

OSVersionArchitecturePackageVersionFilename
Debian12allevolution<= 3.46.4-2evolution_3.46.4-2_all.deb
Debian11allevolution<= 3.38.3-1+deb11u2evolution_3.38.3-1+deb11u2_all.deb
Debian10allevolution<= 3.30.5-1.1evolution_3.30.5-1.1_all.deb
Debian999allevolution<= 3.52.2-2evolution_3.52.2-2_all.deb
Debian13allevolution<= 3.52.2-2evolution_3.52.2-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	evolution	<= 3.46.4-2	evolution_3.46.4-2_all.deb
Debian	11	all	evolution	<= 3.38.3-1+deb11u2	evolution_3.38.3-1+deb11u2_all.deb
Debian	10	all	evolution	<= 3.30.5-1.1	evolution_3.30.5-1.1_all.deb
Debian	999	all	evolution	<= 3.52.2-2	evolution_3.52.2-2_all.deb
Debian	13	all	evolution	<= 3.52.2-2	evolution_3.52.2-2_all.deb