oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Assignment - evolution CVE-2011-3201

From: Josh Bressers <bressers () redhat com>
Date: Fri, 26 Aug 2011 10:47:03 -0400 (EDT)
Matt McCutchen reported a flaw in the way handles mailto: urls.

A malicious site can specify an attach= parameter to the URL, which can
attach arbitrary files to a mail message.

I've assigned CVE-2011-3201 to the issue.

Our bug contains what we currently know:
https://bugzilla.redhat.com/show_bug.cgi?id=733504

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: