Ximian
Products
2- 8 CVEs
- 3 CVEs
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0128 | 0.04 | — | 0.12 | Mar 24, 2003 | The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer… | |||
| CVE-2003-0129 | 0.04 | — | 0.06 | Mar 24, 2003 | Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times. | |||
| CVE-2003-0130 | 0.03 | — | 0.06 | Mar 24, 2003 | The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image. | |||
| CVE-2005-0806 | 0.00 | — | 0.02 | May 2, 2005 | Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames. | |||
| CVE-2003-0296 | 0.00 | — | 0.02 | Jun 16, 2003 | The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||
| CVE-2003-0300 | 0.00 | — | 0.03 | Jun 16, 2003 | The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||
| CVE-2002-1471 | 0.00 | — | 0.01 | Apr 22, 2003 | The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack. | |||
| CVE-2002-1765 | 0.00 | — | 0.02 | Dec 31, 2002 | Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header. |
- CVE-2003-0128Mar 24, 2003risk 0.04cvss —epss 0.12
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer…
- CVE-2003-0129Mar 24, 2003risk 0.04cvss —epss 0.06
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.
- CVE-2003-0130Mar 24, 2003risk 0.03cvss —epss 0.06
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
- CVE-2005-0806May 2, 2005risk 0.00cvss —epss 0.02
Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
- CVE-2003-0296Jun 16, 2003risk 0.00cvss —epss 0.02
The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
- CVE-2003-0300Jun 16, 2003risk 0.00cvss —epss 0.03
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
- CVE-2002-1471Apr 22, 2003risk 0.00cvss —epss 0.01
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
- CVE-2002-1765Dec 31, 2002risk 0.00cvss —epss 0.02
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.