CVE-2013-4166 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-4166 Interim 1 13 2024-07-27T01:27:51Z current 2021-05-30T13:13:46Z 2024-07-27T01:27:51Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-4166 The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2020-June/006876.html E-Mail link for SUSE-SU-2020:14383-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 LTSS evolution-data-server evolution-data-server-2.28.2-0.32.3.109 evolution-data-server-32bit-2.28.2-0.32.3.109 evolution-data-server-lang-2.28.2-0.32.3.109 evolution-data-server-2.28.2-0.32.3.109 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA evolution-data-server-32bit-2.28.2-0.32.3.109 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA evolution-data-server-lang-2.28.2-0.32.3.109 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA evolution-data-server as a component of SUSE Linux Enterprise Server 11 SP4 LTSS The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers to obtain sensitive information. CVE-2013-4166 SUSE Linux Enterprise Server 11 SP3-TERADATA:evolution-data-server-2.28.2-0.32.3.109 SUSE Linux Enterprise Server 11 SP3-TERADATA:evolution-data-server-32bit-2.28.2-0.32.3.109 SUSE Linux Enterprise Server 11 SP3-TERADATA:evolution-data-server-lang-2.28.2-0.32.3.109 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N