Published: 14/05/2009 Updated: 23/05/2009

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The Mailer component in Evolution 2.26.1 and previous versions uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnome evolution
gnome evolution 1.4.6
gnome evolution 1.4.5
gnome evolution 1.2.1
gnome evolution 1.2
gnome evolution 2.0.2
gnome evolution 2.0.1
gnome evolution 2.0.0
gnome evolution 1.2.3
gnome evolution 1.2.2
gnome evolution 2.24
gnome evolution 2.12
gnome evolution 1.4.4
gnome evolution 1.4.3
gnome evolution 1.0.8
gnome evolution 2.6
gnome evolution 2.4
gnome evolution 1.4
gnome evolution 1.2.4

Debian Bug report logs - #526409 CVE-2009-1631: world-readable permissions for the evolution directory Package: evolution; Maintainer for evolution is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Source for evolution is src:evolution (PTS, buildd, popcon) Reported by: Tim Connors <tconnors@ra ...

CWE-264 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526409 https://bugzilla.redhat.com/show_bug.cgi?id=498648 http://bugzilla.gnome.org/show_bug.cgi?id=581604 http://www.openwall.com/lists/oss-security/2009/05/12/6 http://www.securityfocus.com/bid/34921 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526409 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-1631

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect