CVE-2003-0130

EPSS 13.5%

Published: 3/24/2003Modified: 4/28/2026

Description

The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.

Affected packages (1)

Debian/evolutionfrom 0, < 1.2.3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2003-0130