CVE-2003-0128

Name of the Vulnerable Software and Affected Versions Ximian Evolution Mail User Agent versions 1.2.2 and earlier

Description The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, potentially triggering a heap-based buffer overflow. This is due to a problem in the try uudecoding function in mail-format.c.

Recommendations For Ximian Evolution Mail User Agent versions 1.2.2 and earlier, consider disabling the try uudecoding function as a temporary workaround until a patch is available. Restrict the handling of uuencoded headers to minimize the risk of exploitation.