Product:

Pine

(University_of_washington)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 15
Date Id Summary Products Score Patch Annotated
1999-11-18 CVE-2000-0352 Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL. Pine N/A
2005-05-02 CVE-2005-1066 Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack. Pine N/A
2003-09-17 CVE-2003-0720 Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. Pine N/A
2003-06-16 CVE-2003-0300 The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. Outlook_express, Mozilla, Mutt, Eudora, Balsa, Sylpheed_email_client, Pine, Evolution N/A
2003-06-16 CVE-2003-0297 c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors. C\-Client, Imap\-2002b, Pine N/A
2002-12-31 CVE-2002-2325 The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. Pine N/A
2002-12-31 CVE-2002-1903 Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information. Pine N/A
2002-12-11 CVE-2002-1320 Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks ("). Pine N/A
2002-07-26 CVE-2002-0014 URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&). Pine N/A
2001-10-18 CVE-2001-0736 Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. Secure_linux, Immunix, Mandrake_linux, Mandrake_linux_corporate_server, Linux, Pine N/A