Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1631

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2009-1631
Last Modified 23 May 2009 01:31:52
Published 14 May 2009 01:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-1631

Summary

The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.

Vulnerable Systems

Application

  • Gnome Evolution 1.0.8

  • Gnome Evolution 1.2

  • Gnome Evolution 1.2.1

  • Gnome Evolution 1.2.2

  • Gnome Evolution 1.2.3

  • Gnome Evolution 1.2.4

  • Gnome Evolution 1.4

  • Gnome Evolution 1.4.3

  • Gnome Evolution 1.4.4

  • Gnome Evolution 1.4.5

  • Gnome Evolution 1.4.6

  • Gnome Evolution 2.0.0

  • Gnome Evolution 2.0.1

  • Gnome Evolution 2.0.2

  • Gnome Evolution 2.12

  • Gnome Evolution 2.24

  • Gnome Evolution 2.26.1

  • Gnome Evolution 2.4

  • Gnome Evolution 2.6


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=498648

BID - 34921

MLIST - [oss-security] 20090512 CVE Request (evolution)

MISC - http://bugzilla.gnome.org/show_bug.cgi?id=581604

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526409


Last Updated: 27 May 2016 10:50:38