Unrated severityNVD Advisory· Published Mar 8, 2013· Updated Apr 29, 2026
CVE-2011-3201
CVE-2011-3201
Description
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
Affected products
49- cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:evolution:*:*:*:*:*:*:*:*+ 44 more
- cpe:2.3:a:gnome:evolution:*:*:*:*:*:*:*:*range: <=3.0.3
- cpe:2.3:a:gnome:evolution:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.22.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.22.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.24:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.24.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.26.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.26.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.28.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.30.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:evolution:2.32.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchVendor Advisory
- git.gnome.org/browse/evolution/commit/nvdPatchVendor Advisory
- git.gnome.org/browse/evolution/commit/nvdPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0516.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlnvdThird Party Advisory
- bugzilla.gnome.org/show_bug.cginvdIssue Tracking
- exchange.xforce.ibmcloud.com/vulnerabilities/82450nvd
News mentions
0No linked articles in our index yet.