fkie_cve-2011-3201
Vulnerability from fkie_nvd
Published
2013-03-08 21:55
Modified
2024-11-21 01:29
Severity ?
Summary
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnome:evolution:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5F2E16-9B6D-4F84-8658-D524739C409C",
"versionEndIncluding": "3.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B10AA832-0C56-4447-BAAB-D6D1F56D59DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9FBE67-2901-426F-9CA6-70022077B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B11C791D-6E3D-4C96-B5CE-A82D870F61D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38225EC0-5966-4316-B45E-AB1BD4BB5328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EBC9CD-DFBF-40E1-8F28-F64E27E8EBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "101552BA-C509-4767-901B-279C3B0C21F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FBC98A-111A-4E78-AAA5-CF76B7B32D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA12263C-AD34-405E-B27B-6536DFD77093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "180B84B3-8AF2-4C0F-BB49-789D4C403B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E9C9CC-FDEB-45C4-AF92-D3AE7DFEFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F21156-9E93-4936-B16F-1C243B937C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C44773EE-24D1-49F9-8B80-DA47450251E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "725525E5-91F2-4D72-8ED0-3E817F58130B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48282B11-CBED-4E04-984A-48D0EC579748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29AB66CF-0B1B-4762-A596-4FC451977D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "600F1CB5-B0F8-443C-A25D-34B335931494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7A5DBB-9259-4F0F-A7EA-A4E96D7B2C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0219B1ED-5EA4-44FE-A4CB-5F50670D6A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "80A90124-F131-4FF2-91FA-371F54D556A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47D66360-0009-4D6D-B04B-A2A1366AD614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEE0340-36EA-477D-9928-6894B53F0802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C456D757-63DC-4881-AA9E-84C13B1AE9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E28A92EC-24AB-471A-9E23-DE8493B50AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2128A01C-A2AA-4E11-94D6-E361486BBFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6337DBEC-591E-4D33-ABA0-D761237C4FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F53804AD-1B87-4ED2-82BA-7F2DC518D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7160595D-FB7B-45F9-85BD-5767B08F4855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB5EA9F-C405-4FCD-8BFA-71BC58E007AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA640B6-B155-4503-BB05-4F17E6A71D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85DCC013-7723-4761-9009-2F95FE2593BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "40C26725-D869-49B0-8405-4472E1639799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8124B751-D9D5-4508-9C99-C022E5E5DEFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "20233926-3A17-4E4D-8743-C25BA83F47FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2160DB09-250B-4BB4-A77D-79326EB9969C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2422C3A-2BFE-4BDF-A64F-5340A7E80995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFCC802-9313-4B56-97A8-9A18F04799DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F126326C-8682-4F3F-8312-07CE0C8DF553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "854DCABF-696A-4800-8B92-5CCB8F1B5333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.24.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9D235F7F-7613-473F-B74C-7260237DBBCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D21A62F-2D9A-41F7-98CA-62F1E3F2027A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.26.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B77DB02-C7F5-4A88-9479-4A6B47112FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6974111D-09F6-4DAD-83E2-74FD66808907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.30.3:*:*:*:*:*:*:*",
"matchCriteriaId": "078D11C0-1E37-4D95-B28A-8A039EB9EE1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:2.32.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF3A9D47-5250-4870-AA8F-8519AE7F0A0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email."
},
{
"lang": "es",
"value": "GNOME Evolution antes de v3.2.3 permite leer archivos de su elecci\u00f3n a atacantes remotos con la yuda del usuario local a trav\u00e9s del par\u00e1metro \u0027attachment\u0027 a una URL mailto: , que adjunta el archivo al correo electr\u00f3nico.\r\n"
}
],
"id": "CVE-2011-3201",
"lastModified": "2024-11-21T01:29:58.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-08T21:55:01.920",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0516.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=657374"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=733504"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82450"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/evolution/commit/?id=0a478083fa31aec0059bc6feacc054226fe55b56"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/evolution/commit/?id=588c410718068388f8ce0004a71c104a4c89cce3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0516.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=657374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=733504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/evolution/commit/?id=0a478083fa31aec0059bc6feacc054226fe55b56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/evolution/commit/?id=588c410718068388f8ce0004a71c104a4c89cce3"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.