CVE-2007-3257
evolution-data-server
EPSS 2.8%
Description
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
How to fix CVE-2007-3257
To remediate CVE-2007-3257, upgrade the affected package to a fixed version below.
- Debian/evolution—upgrade to 2.12.0-1 or later
- Debian/evolution-data-server—upgrade to 1.10.2-2 or later
- Debian/evolution-data-server—upgrade to 1.6.3-5etch1 or later
Is CVE-2007-3257 being exploited?
Low — EPSS is 2.8%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 2.12.0-1
- from 0, < 1.10.2-2
- from 0, < 1.6.3-5etch1