Public Date:
435759: CVE-2008-0072 Evolution format string flaw

The MITRE CVE dictionary describes this issue as:

Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.

Find out more about CVE-2008-0072 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 6.8
Base Metrics AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 RHSA-2008:0177 2008-03-05
Red Hat Enterprise Linux 5 (evolution) RHSA-2008:0177 2008-03-05
Red Hat Enterprise Linux Extended Update Support 4.5 (evolution) RHSA-2008:0178 2008-03-05
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (evolution) RHSA-2008:0177 2008-03-05


Red Hat would like to thank Ulf Härnhammar of Secunia Research for finding and reporting this issue.

Last Modified

CVE description copyright © 2017, The MITRE Corporation


Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.