CVE-2011-3355

Summary

evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim.

Affected Software

VendorProductVersion RangeStatus
evolution-data-server3evolution-data-server33.0.3 through 3.2.1affected

Weaknesses

  • IMAP does non-SSL connection when storing to Sent folder

ADP Enrichment

CVE Program Container

Additional References

References