The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Max CVSS
5.0
EPSS Score
0.46%
Published
2003-06-16
Updated
2016-10-18
The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Max CVSS
7.5
EPSS Score
0.34%
Published
2003-06-16
Updated
2016-10-18
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
Max CVSS
5.0
EPSS Score
2.51%
Published
2003-03-24
Updated
2017-10-11
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.
Max CVSS
5.0
EPSS Score
6.07%
Published
2003-03-24
Updated
2017-10-11
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.
Max CVSS
5.0
EPSS Score
16.19%
Published
2003-03-24
Updated
2017-10-11
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
Max CVSS
5.0
EPSS Score
0.21%
Published
2003-04-22
Updated
2008-09-05
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!