CVE-2003-0130
EPSS 13.5%
Description
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.
How to fix CVE-2003-0130
To remediate CVE-2003-0130, upgrade the affected package to a fixed version below.
- Debian/evolution—upgrade to 1.2.3 or later
Is CVE-2003-0130 being exploited?
Moderate — EPSS is 13.5%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.2.3