CVE-2008-0072
evolution - remote code execution
EPSS 16.1%
Description
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
How to fix CVE-2008-0072
To remediate CVE-2008-0072, upgrade the affected package to a fixed version below.
- Debian/evolution—upgrade to 2.12.3-1.1 or later
- Debian/evolution—upgrade to 2.0.4-2sarge3 or later
Is CVE-2008-0072 being exploited?
Moderate — EPSS is 16.1%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 2.12.3-1.1
- from 0, < 2.0.4-2sarge3