4.3
CVSSv2

CVE-2018-15587

Published: 11/02/2019 Updated: 12/02/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 414
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

GNOME Evolution up to and including 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.

Vulnerability Trend

Affected Products

Vendor Product Versions
GnomeEvolution3.28.2

Vendor Advisories

GNOME Evolution through 3282 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment ...
Arch Linux Security Advisory ASA-201903-17 ========================================== Severity: High Date : 2019-03-28 CVE-ID : CVE-2018-15587 Package : evolution Type : content spoofing Remote : Yes Link : securityarchlinuxorg/AVG-889 Summary ======= The package evolution before version 3320-1 is vulnerable to content spo ...
Arch Linux Security Advisory ASA-201904-3 ========================================= Severity: High Date : 2019-04-02 CVE-ID : CVE-2018-15587 Package : evolution Type : content spoofing Remote : Yes Link : securityarchlinuxorg/AVG-889 Summary ======= The package evolution before version 3320-1 is vulnerable to content spoof ...