New Search

Ximian Evolution MIME-encoded Image Buffer Overflow

oval:org.mitre.oval:def:111

The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters which allows remote attackers inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Linux 9
Class:
vulnerability
Reference(s):
  • CVE-2003-0130
Product(s):
  • Ximian Evolution