Unrated severityNVD Advisory· Published Mar 24, 2003· Updated Apr 16, 2026
CVE-2003-0130
CVE-2003-0130
Description
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
Affected products
10cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:ximian:evolution:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ximian:evolution:1.2.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.coresecurity.com/common/showdoc.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/7119nvdExploitPatchVendor Advisory
- archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.htmlnvd
- distro.conectiva.com.br/atualizacoes/nvd
- marc.infonvd
- www.gentoo.org/security/en/glsa/glsa-200303-18.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2003-108.htmlnvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111nvd
News mentions
0No linked articles in our index yet.