CVE-2013-4166 in GNOME and Red Hat Products
Published on February 6, 2020

The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information.

NVD

Products Associated with CVE-2013-4166

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2013-4166 are published in these products:

GNOME Evolution

GNOME Evolution Data Server

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Workstation

Affected Versions

GNOME Evolution:

Version 3.8.4 and earlier is affected.

GNOME Evolution Data Server:

Version 3.9.5 and earlier is affected.

Exploit Probability

EPSS

1.01%

Percentile

76.75%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2013-4166 in GNOME and Red Hat ProductsPublished on February 6, 2020

Products Associated with CVE-2013-4166

Affected Versions

Exploit Probability

CVE-2013-4166 in GNOME and Red Hat Products
Published on February 6, 2020