CVE-2011-3201
Published: 8 March 2013
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
Notes
Author | Note |
---|---|
jdstrand | no upstream patch yet (2011-10-13). In discussion in RedHat bug. requires user to not notice the attachment |