Vulnerabilities > CVE-2003-0128 - Unspecified vulnerability in Ximian Evolution
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 10 |
Exploit-Db
description | Ximian Evolution 1.x UUEncoding Denial of Service Vulnerability. CVE-2003-0128. Dos exploit for linux platform |
id | EDB-ID:22370 |
last seen | 2016-02-02 |
modified | 2003-03-17 |
published | 2003-03-17 |
reporter | Core Security |
source | https://www.exploit-db.com/download/22370/ |
title | Ximian Evolution 1.x UUEncoding Denial of Service Vulnerability |
Nessus
NASL family | Mandriva Local Security Checks |
NASL id | MANDRAKE_MDKSA-2003-045.NASL |
description | Several vulnerabilities were discovered in the Evolution email client. These problems make it possible for a carefully constructed email message to crash the program, causing general system instability by starving resources. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14029 |
published | 2004-07-31 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/14029 |
title | Mandrake Linux Security Advisory : evolution (MDKSA-2003:045) |
code |
|
Oval
accepted | 2007-04-25T19:52:13.800-04:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
description | The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow. | ||||||||||||
family | unix | ||||||||||||
id | oval:org.mitre.oval:def:107 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2003-08-11T12:00:00.000-04:00 | ||||||||||||
title | Ximian Evolution Mail User Agent uuencoded header Denial of Service | ||||||||||||
version | 38 |
Redhat
advisories |
|
References
- http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10
- http://www.securityfocus.com/bid/7117
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html
- http://www.redhat.com/support/errata/RHSA-2003-108.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648
- http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:045
- http://marc.info/?l=bugtraq&m=104826470527308&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107