Back to search
CVE-2003-0130
Published: Mar 21, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
GLSA-200303-18
vendor-advisory
x_refsource_GENTOO
MDKSA-2003:045
vendor-advisory
x_refsource_MANDRAKE
oval:org.mitre.oval:def:111
vdb-entry
signature
x_refsource_OVAL
7119
vdb-entry
x_refsource_BID
20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent
mailing-list
x_refsource_BUGTRAQ
20030321 GLSA: evolution (200303-18)
mailing-list
x_refsource_BUGTRAQ
CLA-2003:648
vendor-advisory
x_refsource_CONECTIVA
RHSA-2003:108
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now