Ximian : Security Vulnerabilities, CVEs, CVSS score >= 4
Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
Max CVSS
5.0
EPSS Score
1.44%
Published
2005-05-02
Updated
2018-10-03
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Max CVSS
5.0
EPSS Score
0.46%
Published
2003-06-16
Updated
2016-10-18
The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Max CVSS
7.5
EPSS Score
0.34%
Published
2003-06-16
Updated
2016-10-18
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
Max CVSS
5.0
EPSS Score
2.51%
Published
2003-03-24
Updated
2017-10-11
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.
Max CVSS
5.0
EPSS Score
6.07%
Published
2003-03-24
Updated
2017-10-11
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.
Max CVSS
5.0
EPSS Score
16.19%
Published
2003-03-24
Updated
2017-10-11
Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.
Max CVSS
5.0
EPSS Score
1.43%
Published
2002-12-31
Updated
2017-07-11
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
Max CVSS
5.0
EPSS Score
0.21%
Published
2003-04-22
Updated
2008-09-05
8 vulnerabilities found