2068 matches found
CVE-2003-0130
The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...
CVE-2003-0130
The CVE-2003-0130 issue affects Ximian Evolution Mail User Agent (Evolution 1.2.2 and earlier). The vulnerability lies in the handle_image() function in mail-format.c, which does not escape HTML characters in the Content-ID-derived string, enabling remote attackers to inject arbitrary data and HT...
CVE-2003-0129
CVE-2003-0129 affects Ximian Evolution Mail User Agent up to version 1.2.2, allowing remote attackers to cause memory exhaustion/DoS by uuencoding a mail message multiple times. Related issues CAN-2003-0128 and CAN-2003-0130 are addressed in the same advisory. Vendor patch: Evolution 1.2.3 releas...
CVE-2003-0128
The tryuudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malicious uuencoded UUE header, possibly triggering a heap-based buffer overflow...
CVE-2003-0130
The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...
CVE-2003-0128
The tryuudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malicious uuencoded UUE header, possibly triggering a heap-based buffer overflow...
CVE-2003-0129
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service memory consumption via a mail message that is uuencoded multiple times...
CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent
Core Security Technologies Advisory http://www.coresecurity.com Multiple vulnerabilities in Ximian's Evolution Mail User Agent Date Published: 2003-03-19 Last Update: 2003-03-19 Advisory ID: CORE-20030304-01 Bugtraq IDs: 7117, 7118, 7119 CVE CAN: CAN-2003-0128 CAN-2003-0129 CAN-2003-0130 Title:...
Multiple vulnerabilities in Ximian 's Evolution
Heap corruption in UUEncode handling, crossite scripting, client fingerprinting...
Ximian Evolution 1.x - MIME image* Content-Type Data Inclusion
Ximian Evolution 1.x - MIME image Content-Type Data Inclusion source: https://www.securityfocus.com/bid/7119/info Ximian Evolution does not properly validate MIME image/ Content-Type fields. If an email message contains an image/ Content-Type, any type of data can be embedded where the image...
Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion
source: https://www.securityfocus.com/bid/7119/info Ximian Evolution does not properly validate MIME image/ Content-Type fields. If an email message contains an image/ Content-Type, any type of data can be embedded where the image information is expected. This can be used to embed HTML tags that...
Ximian Evolution 1.x - UUEncoding Denial of Service
Ximian Evolution 1.x - UUEncoding Denial of Service source: https://www.securityfocus.com/bid/7118/info A vulnerability has been discovered in the Ximian Evolution Mail User Agent MUA. The problem occurs when the mailer attempts to process a maliciously encoded e-mail message. When attempting to...
Ximian Evolution 1.x - UUEncoding Parsing Memory Corruption
Ximian Evolution 1.x - UUEncoding Parsing Memory Corruption source: https://www.securityfocus.com/bid/7117/info The Evolution mail client supports "uuencoded" content and decodes it automatically when a message is initially parsed. A memory corruption error is present in the parsing component tha...
Ximian Evolution 1.x - UUEncoding Denial of Service
source: https://www.securityfocus.com/bid/7118/info A vulnerability has been discovered in the Ximian Evolution Mail User Agent MUA. The problem occurs when the mailer attempts to process a maliciously encoded e-mail message. When attempting to decode the message, the MUA will repeatedly attempt ...
Ximian Evolution 1.x - UUEncoding Parsing Memory Corruption
source: https://www.securityfocus.com/bid/7117/info The Evolution mail client supports "uuencoded" content and decodes it automatically when a message is initially parsed. A memory corruption error is present in the parsing component that can result in the client crashing when specially malformed...
CVE-2002-1765
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...
CVE-2002-2249
PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to 1 backend.php, 2 screen.php, or 3 admin/modules/comment.php...
DEBIAN-CVE-2002-1765
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...
CVE-2002-1765
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...
FreeNews & News Evolution (PHP)
Informations : °°°°°°°°°°°°°° Problem : Include files a ------------------- Product : Freenews Version : 2.1 Website : http://www.prologin.fr ---------------------- b ------------------- Product : News Evolution Versions : 1.0, 2.0 Website : http://www.phpevolution.net ---------------------- PHP...