Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.