CVE-2003-0130 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2003-0130

The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.

Published: Mar 24, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0130
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ximian / evolution	1.0.7	1.0.7.x
ximian / evolution	1.2.2	1.2.2.x
ximian / evolution	1.0.3	1.0.3.x
ximian / evolution	1.0.6	1.0.6.x
ximian / evolution	1.2	1.2.x
ximian / evolution	1.2.1	1.2.1.x
ximian / evolution	1.0.4	1.0.4.x
ximian / evolution	1.0.5	1.0.5.x
ximian / evolution	1.1.1	1.1.1.x
ximian / evolution	1.0.8	1.0.8.x