Gnome: >> Evolution >> 2.4 Security Vulnerabilities
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
CVSS Score
6.8
EPSS Score
0.134
Published
2008-03-06
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.
CVSS Score
5.0
EPSS Score
0.03
Published
2007-03-06
Page 2