remote code execution in pine

2003-09-1107:48:49

lists.opensuse.org

0.27 Low

EPSS

Percentile

96.8%

JSON

The well known and widely used mail client pine is vulnerable to a buffer overflow. The vulnerability exists in the code processing ‘message/external-body’ type messages. It allows remote attackers to execute arbitrary commands as the user running pine. Additionally an integer overflow in the MIME header parsing code has been fixed.

OSVersionArchitecturePackageVersionFilename
openSUSE7.3ppcpine< 4.33-153pine-4.33-153.ppc.rpm
openSUSE8.0i386pine< 4.44-281pine-4.44-281.i386.rpm
openSUSE7.2i386pine< 4.33-279pine-4.33-279.i386.rpm
openSUSE7.3i386pine< 4.33-280pine-4.33-280.i386.rpm
openSUSE8.1i586pine< 4.44-283pine-4.44-283.i586.rpm
openSUSE7.3sparcpine< 4.33-101pine-4.33-101.sparc.rpm
openSUSE8.2i586pine< 4.53-109pine-4.53-109.i586.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	7.3	ppc	pine	< 4.33-153	pine-4.33-153.ppc.rpm
openSUSE	8.0	i386	pine	< 4.44-281	pine-4.44-281.i386.rpm
openSUSE	7.2	i386	pine	< 4.33-279	pine-4.33-279.i386.rpm
openSUSE	7.3	i386	pine	< 4.33-280	pine-4.33-280.i386.rpm
openSUSE	8.1	i586	pine	< 4.44-283	pine-4.44-283.i586.rpm
openSUSE	7.3	sparc	pine	< 4.33-101	pine-4.33-101.sparc.rpm
openSUSE	8.2	i586	pine	< 4.53-109	pine-4.53-109.i586.rpm

0.27 Low

EPSS

Percentile

96.8%

JSON

Related for SUSE-SA:2003:037