CVE-2008-0072

EPSS 16.1%

evolution - remote code execution

Published: 3/6/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-0072

Description

Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.

Affected packages (2)

Debian/evolutionfrom 0, < 2.12.3-1.1
Debian/evolutionfrom 0, < 2.0.4-2sarge3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0072