Gnome Evolution vulnerabilities

CVE-2005-0102 [CRITICAL] CWE-190 CVE-2005-0102: Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote ma Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

CVE-2003-0296 [HIGH] CVE-2003-0296: The IMAP Client for Evolution 1 The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.

CVE-2003-0133 [MEDIUM] CVE-2003-0133: GtkHTML, as included in Evolution before 1 GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages.

CVE-2002-1471 [MEDIUM] CVE-2002-1471: The camel component for Ximian Evolution 1 The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.

CVE-2003-0130 [MEDIUM] CVE-2003-0130: The handle_image function in mail-format The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.

CVE-2003-0128 [MEDIUM] CVE-2003-0128: The try_uudecoding function in mail-format The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.

CVE-2003-0129 [MEDIUM] CVE-2003-0129: Ximian Evolution Mail User Agent 1 Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.

CVE-2002-1765 [MEDIUM] CVE-2002-1765: Evolution 1 Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.