remote denial-of-service in pine

ID SUSE-SA:2002:046
Type suse
Reporter Suse
Modified 2002-11-25T11:03:55


Pine, Program for Internet News and Email, is a well known and widely used eMail client. While parsing and escaping characters of eMail addresses pine does not allocate enough memory for storing the escaped mailbox part of an address. This results in a buffer overflow on the heap that will make pine crash. The offending eMail can just be deleted manually or by using another mail user agent.