Upstream information

CVE-2011-3201 at MITRE

Description

GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.

SUSE information

Overall state of this security issue: Ignore

This issue is currently rated as having low severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.3
Vector AV:N/AC:M/Au:N/C:P/I:N/A:N
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
SUSE Bugzilla entry: 714939 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP2
  • evolution >= 2.28.2-0.28.21
  • evolution-data-server-devel >= 2.28.2-0.29.24
  • evolution-devel >= 2.28.2-0.28.21
  • evolution-lang >= 2.28.2-0.28.21
sle11-sp2-sdk.ppc
sle11-sp2-sdk.x86
sles11-sp2-vmware.x86-64
sles11-sp2.s390x
sled11-sp2.x86-64
sles11-sp2.x86-64
sled11-sp2.x86
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sle11-sp2-sdk.ia64
sles11-sp2-vmware.x86
sles11-sp2.x86
sles11-sp2.ia64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6611
SUSE Linux Enterprise Desktop 11 SP2
  • evolution >= 2.28.2-0.28.21
  • evolution-data-server >= 2.28.2-0.29.24
  • evolution-data-server-lang >= 2.28.2-0.29.24
  • evolution-ews >= 2.28-0.10.20
  • evolution-ews-lang >= 2.28-0.10.20
  • evolution-lang >= 2.28.2-0.28.21
  • evolution-pilot >= 2.28.2-0.28.21
sle11-sp2-sdk.ppc
sle11-sp2-sdk.x86
sles11-sp2-vmware.x86-64
sles11-sp2.s390x
sled11-sp2.x86-64
sles11-sp2.x86-64
sled11-sp2.x86
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sle11-sp2-sdk.ia64
sles11-sp2-vmware.x86
sles11-sp2.x86
sles11-sp2.ia64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6611
SUSE Linux Enterprise Desktop 11 SP2
  • evolution >= 2.28.2-0.28.21
  • evolution-data-server >= 2.28.2-0.29.24
  • evolution-data-server-32bit >= 2.28.2-0.29.24
  • evolution-data-server-lang >= 2.28.2-0.29.24
  • evolution-ews >= 2.28-0.10.20
  • evolution-ews-lang >= 2.28-0.10.20
  • evolution-lang >= 2.28.2-0.28.21
  • evolution-pilot >= 2.28.2-0.28.21
sle11-sp2-sdk.ppc
sle11-sp2-sdk.x86
sles11-sp2-vmware.x86-64
sles11-sp2.s390x
sled11-sp2.x86-64
sles11-sp2.x86-64
sled11-sp2.x86
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sle11-sp2-sdk.ia64
sles11-sp2-vmware.x86
sles11-sp2.x86
sles11-sp2.ia64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6611
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • evolution-data-server >= 2.28.2-0.29.24
  • evolution-data-server-lang >= 2.28.2-0.29.24
sle11-sp2-sdk.ppc
sle11-sp2-sdk.x86
sles11-sp2-vmware.x86-64
sles11-sp2.s390x
sled11-sp2.x86-64
sles11-sp2.x86-64
sled11-sp2.x86
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sle11-sp2-sdk.ia64
sles11-sp2-vmware.x86
sles11-sp2.x86
sles11-sp2.ia64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6611
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • evolution-data-server >= 2.28.2-0.29.24
  • evolution-data-server-32bit >= 2.28.2-0.29.24
  • evolution-data-server-lang >= 2.28.2-0.29.24
sle11-sp2-sdk.ppc
sle11-sp2-sdk.x86
sles11-sp2-vmware.x86-64
sles11-sp2.s390x
sled11-sp2.x86-64
sles11-sp2.x86-64
sled11-sp2.x86
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sle11-sp2-sdk.ia64
sles11-sp2-vmware.x86
sles11-sp2.x86
sles11-sp2.ia64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6611
SUSE Linux Enterprise Server 11 SP2
  • evolution-data-server >= 2.28.2-0.29.24
  • evolution-data-server-lang >= 2.28.2-0.29.24
  • evolution-data-server-x86 >= 2.28.2-0.29.24
sle11-sp2-sdk.ppc
sle11-sp2-sdk.x86
sles11-sp2-vmware.x86-64
sles11-sp2.s390x
sled11-sp2.x86-64
sles11-sp2.x86-64
sled11-sp2.x86
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sle11-sp2-sdk.ia64
sles11-sp2-vmware.x86
sles11-sp2.x86
sles11-sp2.ia64
sle11-sp2-sdk.x86-64
SAT Patch Nr: 6611