Gnome Evolution Encrypted Message Format String Vulnerability

Gnome Evolution Encrypted Message Format String Vulnerability

Gnome Evolution is prone to a format-string vulnerability.

This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format-specifier argument of a formatted-printing function when processing encrypted email massages.

Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the application. Failed exploit attempts will likely result in a denial of service.

Gnome Evolution 2.12.3 is vulnerable to this issue; other versions may also be affected.