Moderate

CVE-2003-0128 - Unspecified vulnerability in Ximian Evolution

Publication: 2003-03-24
Summary

The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.

Risk level (CVSS 5)

Moderate

5.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Ximian Evolution 1.0.3
  • Ximian Evolution 1.0.4
  • Ximian Evolution 1.0.5
  • Ximian Evolution 1.0.6
  • Ximian Evolution 1.0.7
  • Ximian Evolution 1.0.8
  • Ximian Evolution 1.1.1
  • Ximian Evolution 1.2
  • Ximian Evolution 1.2.1
  • Ximian Evolution 1.2.2