Evolution : Security Vulnerabilities, CVEs,
Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077.
Max CVSS
5.0
EPSS Score
0.59%
Published
2009-02-12
Updated
2017-09-29
Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo.
Max CVSS
6.8
EPSS Score
20.46%
Published
2007-03-21
Updated
2018-10-16
2 vulnerabilities found