Pine@4.20 Security Vulnerabilities and Issues — Pine@4.20 CVE List

Lucene search

University Of WashingtonPine4.20

6 matches found

CVE•added 2003/09/17 4:0 a.m.•85 views

CVE-2003-0720

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.

7.5CVSS7.6AI score0.19286EPSS

CVE•added 2004/09/01 4:0 a.m.•57 views

CVE-2002-1320

Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").

5CVSS6.4AI score0.16373EPSS

CVE•added 2000/07/12 4:0 a.m.•51 views

CVE-2000-0352

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.

10CVSS8AI score0.02467EPSS

CVE•added 2001/01/22 5:0 a.m.•43 views

CVE-2000-0847

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.

7.5CVSS8.2AI score0.01433EPSS

CVE•added 2007/10/26 7:0 p.m.•36 views

CVE-2002-2325

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.

7.8CVSS6.9AI score0.03656EPSS

CVE•added 2003/04/02 5:0 a.m.•33 views

CVE-2002-0014

URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).

7.5CVSS7.7AI score0.01246EPSS