Vulnerability in Ximian Evolution
CVE-2003-0130
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a M…
EPSS: 0.058 (92.1th percentile) — read the EPSS interpretation.
Affected products
- Ximian Evolution — versions 1.0.3, 1.0.4, 1.0.5
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (Patch, x_refsource_MISC, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (Exploit, Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)