The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and previous versions and Evolution Data Server 3.9.5 and previous versions does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote malicious users to obtain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome evolution |
||
gnome evolution data server |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |