Debian Evolution vulnerabilities

CVE-2003-0296 [HIGH] CVE-2003-0296: evolution - The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to caus... The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. Scope: local bookworm: resolved (fixed in 1.3.2) bullseye: resolved (fixed in 1.3.2) forky: resolved (fixed in 1.3.2) si

CVE-2003-0130 [MEDIUM] CVE-2003-0130: evolution - The handle_image function in mail-format.c for Ximian Evolution Mail User Agent ... The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image. Scope: local bookworm: resolved (fixed in 1.2.3) bullseye: resolved (fixed in 1.2.3) forky: resolved (fixed

CVE-2003-0133 [MEDIUM] CVE-2003-0133: evolution - GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause... GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. Scope: local bookworm: resolved (fixed in 1.2.4) bullseye: resolved (fixed in 1.2.4) forky: resolved (fixed in 1.2.4) sid: resolved (fixed in 1.2.4) trixie: resolved (fixed in 1.2.4)

CVE-2003-0129 [MEDIUM] CVE-2003-0129: evolution - Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to ca... Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times. Scope: local bookworm: resolved (fixed in 1.2.3) bullseye: resolved (fixed in 1.2.3) forky: resolved (fixed in 1.2.3) sid: resolved (fixed in 1.2.3) trixie: resolved (fixed in 1.2.3)

CVE-2003-0128 [MEDIUM] CVE-2003-0128: evolution - The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agen... The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow. Scope: local bookworm: resolved (fixed in 1.2.3) bullseye: resolved (fixed in 1

CVE-2003-0541 [MEDIUM] CVE-2003-0541: evolution - gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a ... gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2002-1765 [MEDIUM] CVE-2002-1765: evolution - Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (... Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header. Scope: local bookworm: resolved (fixed in 1.0.5) bullseye: resolved (fixed in 1.0.5) forky: resolved (fixed in 1.0.5) sid: resolved (fixed in 1.0.5) trixie: resolved (fixed in 1.0.5)

CVE-2002-1471 [MEDIUM] CVE-2002-1471: evolution - The camel component for Ximian Evolution 1.0.x and earlier does not verify certi... The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack. Scope: local bookworm: resolved (fixed in 1.2.0-1) bullseye: resolved (fixed in 1.2.0-1) forky: re