The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-02-06T14:29:39

Updated: 2024-08-06T16:38:00.163Z

Reserved: 2013-06-12T00:00:00

Link: CVE-2013-4166

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-06T15:15:10.310

Modified: 2024-11-21T01:55:00.407

Link: CVE-2013-4166

cve-icon Redhat

Severity : Low

Publid Date: 2013-07-22T00:00:00Z

Links: CVE-2013-4166 - Bugzilla