All the vulnerabilites related to ximian - evolution
cve-2003-0296
Vulnerability from cvelistv5
Published
2003-05-15 04:00
Modified
2024-08-08 01:50
Severity ?
Summary
The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
References
http://marc.info/?l=bugtraq&m=105294024124163&w=2mailing-list, x_refsource_BUGTRAQ
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:50:47.132Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20030514 Buffer overflows in multiple IMAP clients",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20030514 Buffer overflows in multiple IMAP clients",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0296",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20030514 Buffer overflows in multiple IMAP clients",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0296",
    "datePublished": "2003-05-15T04:00:00",
    "dateReserved": "2003-05-14T00:00:00",
    "dateUpdated": "2024-08-08T01:50:47.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0300
Vulnerability from cvelistv5
Published
2003-05-15 04:00
Modified
2024-08-08 01:50
Severity ?
Summary
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
References
http://marc.info/?l=bugtraq&m=105294024124163&w=2mailing-list, x_refsource_BUGTRAQ
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:50:47.085Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20030514 Buffer overflows in multiple IMAP clients",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20030514 Buffer overflows in multiple IMAP clients",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0300",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20030514 Buffer overflows in multiple IMAP clients",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0300",
    "datePublished": "2003-05-15T04:00:00",
    "dateReserved": "2003-05-14T00:00:00",
    "dateUpdated": "2024-08-08T01:50:47.085Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0806
Vulnerability from cvelistv5
Published
2005-03-20 05:00
Modified
2024-08-07 21:28
Severity ?
Summary
Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:28:28.421Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDKSA-2005:059",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:059"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.ximian.com/show_bug.cgi?id=72609"
          },
          {
            "name": "oval:org.mitre.oval:def:10532",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10532"
          },
          {
            "name": "RHSA-2005:397",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
          },
          {
            "name": "USN-166-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/166-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDKSA-2005:059",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:059"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.ximian.com/show_bug.cgi?id=72609"
        },
        {
          "name": "oval:org.mitre.oval:def:10532",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10532"
        },
        {
          "name": "RHSA-2005:397",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
        },
        {
          "name": "USN-166-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/166-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDKSA-2005:059",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:059"
            },
            {
              "name": "http://bugzilla.ximian.com/show_bug.cgi?id=72609",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.ximian.com/show_bug.cgi?id=72609"
            },
            {
              "name": "oval:org.mitre.oval:def:10532",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10532"
            },
            {
              "name": "RHSA-2005:397",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
            },
            {
              "name": "USN-166-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/166-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0806",
    "datePublished": "2005-03-20T05:00:00",
    "dateReserved": "2005-03-20T00:00:00",
    "dateUpdated": "2024-08-07T21:28:28.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0128
Vulnerability from cvelistv5
Published
2003-03-21 05:00
Modified
2024-08-08 01:43
Severity ?
Summary
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:35.780Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200303-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
          },
          {
            "name": "MDKSA-2003:045",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
          },
          {
            "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
          },
          {
            "name": "20030321 GLSA:  evolution (200303-18)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
          },
          {
            "name": "7117",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7117"
          },
          {
            "name": "CLA-2003:648",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
          },
          {
            "name": "RHSA-2003:108",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
          },
          {
            "name": "oval:org.mitre.oval:def:107",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-200303-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
        },
        {
          "name": "MDKSA-2003:045",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
        },
        {
          "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
        },
        {
          "name": "20030321 GLSA:  evolution (200303-18)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
        },
        {
          "name": "7117",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7117"
        },
        {
          "name": "CLA-2003:648",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
        },
        {
          "name": "RHSA-2003:108",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
        },
        {
          "name": "oval:org.mitre.oval:def:107",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0128",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-200303-18",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
            },
            {
              "name": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10",
              "refsource": "MISC",
              "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
            },
            {
              "name": "MDKSA-2003:045",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
            },
            {
              "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
            },
            {
              "name": "20030321 GLSA:  evolution (200303-18)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
            },
            {
              "name": "7117",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7117"
            },
            {
              "name": "CLA-2003:648",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
            },
            {
              "name": "RHSA-2003:108",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
            },
            {
              "name": "oval:org.mitre.oval:def:107",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0128",
    "datePublished": "2003-03-21T05:00:00",
    "dateReserved": "2003-03-13T00:00:00",
    "dateUpdated": "2024-08-08T01:43:35.780Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0130
Vulnerability from cvelistv5
Published
2003-03-21 05:00
Modified
2024-08-08 01:43
Severity ?
Summary
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:35.942Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200303-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
          },
          {
            "name": "MDKSA-2003:045",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
          },
          {
            "name": "oval:org.mitre.oval:def:111",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111"
          },
          {
            "name": "7119",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7119"
          },
          {
            "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
          },
          {
            "name": "20030321 GLSA:  evolution (200303-18)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
          },
          {
            "name": "CLA-2003:648",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
          },
          {
            "name": "RHSA-2003:108",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-200303-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
        },
        {
          "name": "MDKSA-2003:045",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
        },
        {
          "name": "oval:org.mitre.oval:def:111",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111"
        },
        {
          "name": "7119",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7119"
        },
        {
          "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
        },
        {
          "name": "20030321 GLSA:  evolution (200303-18)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
        },
        {
          "name": "CLA-2003:648",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
        },
        {
          "name": "RHSA-2003:108",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0130",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-200303-18",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
            },
            {
              "name": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10",
              "refsource": "MISC",
              "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
            },
            {
              "name": "MDKSA-2003:045",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
            },
            {
              "name": "oval:org.mitre.oval:def:111",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111"
            },
            {
              "name": "7119",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7119"
            },
            {
              "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
            },
            {
              "name": "20030321 GLSA:  evolution (200303-18)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
            },
            {
              "name": "CLA-2003:648",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
            },
            {
              "name": "RHSA-2003:108",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0130",
    "datePublished": "2003-03-21T05:00:00",
    "dateReserved": "2003-03-13T00:00:00",
    "dateUpdated": "2024-08-08T01:43:35.942Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-1765
Vulnerability from cvelistv5
Published
2005-06-21 04:00
Modified
2024-08-08 03:34
Severity ?
Summary
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:34:56.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2002:486",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/advisories/4117"
          },
          {
            "name": "[gnome-announce] 20020503 Patch for serious bug in 1.0.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.gnome.org/archives/gnome-announce-list/2002-May/msg00020.html"
          },
          {
            "name": "evolution-mime-header-dos(9059)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9059"
          },
          {
            "name": "4715",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4715"
          },
          {
            "name": "RHBA-2002:080",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHBA-2002-080.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-05-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2002:486",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://online.securityfocus.com/advisories/4117"
        },
        {
          "name": "[gnome-announce] 20020503 Patch for serious bug in 1.0.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.gnome.org/archives/gnome-announce-list/2002-May/msg00020.html"
        },
        {
          "name": "evolution-mime-header-dos(9059)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9059"
        },
        {
          "name": "4715",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4715"
        },
        {
          "name": "RHBA-2002:080",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHBA-2002-080.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1765",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2002:486",
              "refsource": "CONECTIVA",
              "url": "http://online.securityfocus.com/advisories/4117"
            },
            {
              "name": "[gnome-announce] 20020503 Patch for serious bug in 1.0.3",
              "refsource": "MLIST",
              "url": "http://mail.gnome.org/archives/gnome-announce-list/2002-May/msg00020.html"
            },
            {
              "name": "evolution-mime-header-dos(9059)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9059"
            },
            {
              "name": "4715",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4715"
            },
            {
              "name": "RHBA-2002:080",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHBA-2002-080.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1765",
    "datePublished": "2005-06-21T04:00:00",
    "dateReserved": "2005-06-21T00:00:00",
    "dateUpdated": "2024-08-08T03:34:56.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-1471
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
Summary
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:26:28.673Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "evolution-camel-certificate-mitm(10292)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/10292.php"
          },
          {
            "name": "20021003 SSL certificate validation problems in Ximian Evolution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0045.html"
          },
          {
            "name": "5875",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/5875"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2003-03-21T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "evolution-camel-certificate-mitm(10292)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/10292.php"
        },
        {
          "name": "20021003 SSL certificate validation problems in Ximian Evolution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0045.html"
        },
        {
          "name": "5875",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/5875"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1471",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "evolution-camel-certificate-mitm(10292)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/10292.php"
            },
            {
              "name": "20021003 SSL certificate validation problems in Ximian Evolution",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0045.html"
            },
            {
              "name": "5875",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/5875"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1471",
    "datePublished": "2004-09-01T04:00:00",
    "dateReserved": "2003-02-05T00:00:00",
    "dateUpdated": "2024-08-08T03:26:28.673Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0102
Vulnerability from cvelistv5
Published
2005-01-29 05:00
Modified
2024-08-07 20:57
Severity ?
Summary
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
References
http://www.mandriva.com/security/advisories?name=MDKSA-2005:024vendor-advisory, x_refsource_MANDRAKE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616vdb-entry, signature, x_refsource_OVAL
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925vendor-advisory, x_refsource_CONECTIVA
http://security.gentoo.org/glsa/glsa-200501-35.xmlvendor-advisory, x_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/19031vdb-entry, x_refsource_XF
http://securitytracker.com/id?1012981vdb-entry, x_refsource_SECTRACK
https://usn.ubuntu.com/69-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/12354vdb-entry, x_refsource_BID
http://www.redhat.com/support/errata/RHSA-2005-238.htmlvendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-673vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/13830third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-397.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDKSA-2005:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:024"
          },
          {
            "name": "oval:org.mitre.oval:def:9616",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616"
          },
          {
            "name": "CLA-2005:925",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000925"
          },
          {
            "name": "GLSA-200501-35",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200501-35.xml"
          },
          {
            "name": "evolution-camellockhelper-bo(19031)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19031"
          },
          {
            "name": "1012981",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012981"
          },
          {
            "name": "USN-69-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/69-1/"
          },
          {
            "name": "12354",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12354"
          },
          {
            "name": "RHSA-2005:238",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-238.html"
          },
          {
            "name": "DSA-673",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-673"
          },
          {
            "name": "13830",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13830"
          },
          {
            "name": "RHSA-2005:397",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDKSA-2005:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:024"
        },
        {
          "name": "oval:org.mitre.oval:def:9616",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616"
        },
        {
          "name": "CLA-2005:925",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000925"
        },
        {
          "name": "GLSA-200501-35",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200501-35.xml"
        },
        {
          "name": "evolution-camellockhelper-bo(19031)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19031"
        },
        {
          "name": "1012981",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012981"
        },
        {
          "name": "USN-69-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/69-1/"
        },
        {
          "name": "12354",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12354"
        },
        {
          "name": "RHSA-2005:238",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-238.html"
        },
        {
          "name": "DSA-673",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-673"
        },
        {
          "name": "13830",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13830"
        },
        {
          "name": "RHSA-2005:397",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0102",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDKSA-2005:024",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:024"
            },
            {
              "name": "oval:org.mitre.oval:def:9616",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616"
            },
            {
              "name": "CLA-2005:925",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000925"
            },
            {
              "name": "GLSA-200501-35",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200501-35.xml"
            },
            {
              "name": "evolution-camellockhelper-bo(19031)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19031"
            },
            {
              "name": "1012981",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012981"
            },
            {
              "name": "USN-69-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/69-1/"
            },
            {
              "name": "12354",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12354"
            },
            {
              "name": "RHSA-2005:238",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-238.html"
            },
            {
              "name": "DSA-673",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-673"
            },
            {
              "name": "13830",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13830"
            },
            {
              "name": "RHSA-2005:397",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0102",
    "datePublished": "2005-01-29T05:00:00",
    "dateReserved": "2005-01-18T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0129
Vulnerability from cvelistv5
Published
2003-03-21 05:00
Modified
2024-08-08 01:43
Severity ?
Summary
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:35.943Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "7118",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7118"
          },
          {
            "name": "GLSA-200303-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
          },
          {
            "name": "MDKSA-2003:045",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
          },
          {
            "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
          },
          {
            "name": "20030321 GLSA:  evolution (200303-18)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:108",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108"
          },
          {
            "name": "CLA-2003:648",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
          },
          {
            "name": "RHSA-2003:108",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "7118",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7118"
        },
        {
          "name": "GLSA-200303-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
        },
        {
          "name": "MDKSA-2003:045",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
        },
        {
          "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
        },
        {
          "name": "20030321 GLSA:  evolution (200303-18)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:108",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108"
        },
        {
          "name": "CLA-2003:648",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
        },
        {
          "name": "RHSA-2003:108",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0129",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "7118",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7118"
            },
            {
              "name": "GLSA-200303-18",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
            },
            {
              "name": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10",
              "refsource": "MISC",
              "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
            },
            {
              "name": "MDKSA-2003:045",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
            },
            {
              "name": "20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian \u0027s Evolution Mail User Agent",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
            },
            {
              "name": "20030321 GLSA:  evolution (200303-18)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:108",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108"
            },
            {
              "name": "CLA-2003:648",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
            },
            {
              "name": "RHSA-2003:108",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0129",
    "datePublished": "2003-03-21T05:00:00",
    "dateReserved": "2003-03-13T00:00:00",
    "dateUpdated": "2024-08-08T01:43:35.943Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2003-03-24 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104826470527308&w=2
cve@mitre.orghttp://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200303-18.xml
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2003:045
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-108.html
cve@mitre.orghttp://www.securityfocus.com/bid/7117Exploit, Patch, Vendor Advisory
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104826470527308&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2003:045
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-108.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/7117Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107
Impacted products
Vendor Product Version
ximian evolution 1.0.3
ximian evolution 1.0.4
ximian evolution 1.0.5
ximian evolution 1.0.6
ximian evolution 1.0.7
ximian evolution 1.0.8
ximian evolution 1.1.1
ximian evolution 1.2
ximian evolution 1.2.1
ximian evolution 1.2.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4A2F537-E877-43CA-89A3-AF3C09AFAAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0D1A5-209C-4BA2-9D15-5790F44C176D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7900F8AA-0BE8-4F89-99EC-3AF70BCF2A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCF6CCE6-AB19-438B-875F-043235C51BB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "70CD8FAD-EA92-410E-AFF3-E65CF9FD83A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F280DC6C-76DA-4B92-B5BD-2C68C589B635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D49227-6D6A-4D0B-848E-232E05195EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF0F7DE-64B8-4B5F-9081-032CC2893B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DB0EF4-6B2F-4F5D-B4FF-05732980B28D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C678BF17-00A7-497A-B517-C9DCFEBAC4FE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n try_uudecoding en mail-format.c en Ximian Evolution Mail User Agent 1.2.2 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario mediante una cabecera \"uu-codificada\" (UUE) de manera maliciosa, posiblemente disparando un desbordamiento de b\u00fafer basado en el mont\u00f3n (heap)."
    }
  ],
  "id": "CVE-2003-0128",
  "lastModified": "2024-11-20T23:44:01.550",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-03-24T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7117"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-03-24 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104826470527308&w=2
cve@mitre.orghttp://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200303-18.xml
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2003:045
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-108.html
cve@mitre.orghttp://www.securityfocus.com/bid/7119Exploit, Patch, Vendor Advisory
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104826470527308&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2003:045
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-108.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/7119Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111
Impacted products
Vendor Product Version
ximian evolution 1.0.3
ximian evolution 1.0.4
ximian evolution 1.0.5
ximian evolution 1.0.6
ximian evolution 1.0.7
ximian evolution 1.0.8
ximian evolution 1.1.1
ximian evolution 1.2
ximian evolution 1.2.1
ximian evolution 1.2.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4A2F537-E877-43CA-89A3-AF3C09AFAAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0D1A5-209C-4BA2-9D15-5790F44C176D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7900F8AA-0BE8-4F89-99EC-3AF70BCF2A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCF6CCE6-AB19-438B-875F-043235C51BB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "70CD8FAD-EA92-410E-AFF3-E65CF9FD83A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F280DC6C-76DA-4B92-B5BD-2C68C589B635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D49227-6D6A-4D0B-848E-232E05195EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF0F7DE-64B8-4B5F-9081-032CC2893B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DB0EF4-6B2F-4F5D-B4FF-05732980B28D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C678BF17-00A7-497A-B517-C9DCFEBAC4FE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n handle_image de mail-format.c en Ximian Evolution Mail User Agent 1.2.2 y anteriores no interpreta correctamente los caracteres \u0027escapados\u0027 de HTML, lo que permite a atacantes remotos la inyecci\u00f3n arbitraria de datos y HTML mediante una cabecera MIME Content-ID en una imagen cifrada con MIME."
    }
  ],
  "id": "CVE-2003-0130",
  "lastModified": "2024-11-20T23:44:01.877",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-03-24T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7119"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Impacted products
Vendor Product Version
ximian evolution 1.2.4



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9A844BF-30CC-4289-81C4-1161FDEBC345",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors."
    },
    {
      "lang": "es",
      "value": "El cliente IMAP para Evolution 1.2.4 permite que servidores IMAP remotos da\u00f1inos provoquen una denegaci\u00f3n de servicio y posiblemente ejecuten c\u00f3digo arbitrario mediante ciertos valores literales muy grandes que causan errores de desbordamiento de b\u00fafer de enteros."
    }
  ],
  "id": "CVE-2003-0296",
  "lastModified": "2024-11-20T23:44:24.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-06-16T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:55
Severity ?
Summary
Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
Impacted products
Vendor Product Version
ximian evolution 2.0.3



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ximian:evolution:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "68499115-1915-45D5-BED1-BBF794EA214E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames."
    }
  ],
  "id": "CVE-2005-0806",
  "lastModified": "2024-11-20T23:55:56.607",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-02T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugzilla.ximian.com/show_bug.cgi?id=72609"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:059"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10532"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/166-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugzilla.ximian.com/show_bug.cgi?id=72609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-397.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/166-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.
Impacted products
Vendor Product Version
ximian evolution 1.0.3
ximian evolution 1.0.4



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4A2F537-E877-43CA-89A3-AF3C09AFAAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0D1A5-209C-4BA2-9D15-5790F44C176D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header."
    }
  ],
  "id": "CVE-2002-1765",
  "lastModified": "2024-11-20T23:42:04.460",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://mail.gnome.org/archives/gnome-announce-list/2002-May/msg00020.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://online.securityfocus.com/advisories/4117"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHBA-2002-080.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/4715"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://mail.gnome.org/archives/gnome-announce-list/2002-May/msg00020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://online.securityfocus.com/advisories/4117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHBA-2002-080.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/4715"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9059"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:outlook_express:6.00.2800.1106:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6C3153-39B0-4C14-B414-01BE10D8742E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mutt:mutt:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DB0D49-CD49-4EF6-9013-1B03E0D644D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qualcomm:eudora:5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D64909E5-6E9A-4873-B23C-C825B5CDBAAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stuart_parmenter:balsa:2.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A86E91A-CAEA-4580-913C-DF610DEABF27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sylpheed:sylpheed_email_client:0.8.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED27A6B-FDDB-4729-8E98-86C062357E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:university_of_washington:pine:4.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E05D27-10F6-43CF-B7E9-73A82DE02953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9A844BF-30CC-4289-81C4-1161FDEBC345",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."
    },
    {
      "lang": "es",
      "value": "El cliente IMAP para Sylpheed 0.8.11 permite que servidores IMAP remotos da\u00f1inos originen una denegaci\u00f3n de servicio (ca\u00edda) mediante ciertos tama\u00f1os literales muy largos que causan desbordamientos de b\u00fafer de enteros."
    }
  ],
  "id": "CVE-2003-0300",
  "lastModified": "2024-11-20T23:44:25.410",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-06-16T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=105294024124163\u0026w=2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-04-22 04:00
Modified
2024-11-20 23:41
Severity ?
Summary
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
Impacted products
Vendor Product Version
ximian evolution 1.0.3
ximian evolution 1.0.4
ximian evolution 1.0.5
ximian evolution 1.0.6
ximian evolution 1.0.7
ximian evolution 1.0.8



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4A2F537-E877-43CA-89A3-AF3C09AFAAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0D1A5-209C-4BA2-9D15-5790F44C176D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7900F8AA-0BE8-4F89-99EC-3AF70BCF2A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCF6CCE6-AB19-438B-875F-043235C51BB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "70CD8FAD-EA92-410E-AFF3-E65CF9FD83A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F280DC6C-76DA-4B92-B5BD-2C68C589B635",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack."
    },
    {
      "lang": "es",
      "value": "El componente camel de Ximian Evolution 1.0.x y anteriores no verifica certificados cuando establece una conexi\u00f3n SSL nueva despu\u00e9s de haberlo verificado anteriormente, lo que podr\u00eda permitir a atacantes remotos monitorizar o modificar sesiones mediante un ataque de \u0027hombre en el medio\u0027"
    }
  ],
  "id": "CVE-2002-1471",
  "lastModified": "2024-11-20T23:41:23.250",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-04-22T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0045.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/10292.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0045.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/10292.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5875"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-03-24 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104826470527308&w=2
cve@mitre.orghttp://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200303-18.xml
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2003:045
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-108.html
cve@mitre.orghttp://www.securityfocus.com/bid/7118Exploit, Patch, Vendor Advisory
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104826470527308&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2003:045
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-108.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/7118Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108
Impacted products
Vendor Product Version
ximian evolution 1.0.3
ximian evolution 1.0.4
ximian evolution 1.0.5
ximian evolution 1.0.6
ximian evolution 1.0.7
ximian evolution 1.0.8
ximian evolution 1.1.1
ximian evolution 1.2
ximian evolution 1.2.1
ximian evolution 1.2.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4A2F537-E877-43CA-89A3-AF3C09AFAAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0D1A5-209C-4BA2-9D15-5790F44C176D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7900F8AA-0BE8-4F89-99EC-3AF70BCF2A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCF6CCE6-AB19-438B-875F-043235C51BB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "70CD8FAD-EA92-410E-AFF3-E65CF9FD83A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F280DC6C-76DA-4B92-B5BD-2C68C589B635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D49227-6D6A-4D0B-848E-232E05195EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF0F7DE-64B8-4B5F-9081-032CC2893B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DB0EF4-6B2F-4F5D-B4FF-05732980B28D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ximian:evolution:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C678BF17-00A7-497A-B517-C9DCFEBAC4FE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times."
    },
    {
      "lang": "es",
      "value": "Ximian Evolution Mail User Agent 1.2.2 y anteriores, permiten a atacantes remotos causar la Denegaci\u00f3n de Servicios (por consumo de memoria) mediante un correo que se decodifica muchas veces."
    }
  ],
  "id": "CVE-2003-0129",
  "lastModified": "2024-11-20T23:44:01.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-03-24T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7118"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104826470527308\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=309\u0026idxseccion=10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-108.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}