Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2005-05-02
Updated
2008-09-05
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.
Max CVSS
7.5
EPSS Score
26.99%
Published
2003-09-17
Updated
2018-05-03
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Max CVSS
5.0
EPSS Score
0.46%
Published
2003-06-16
Updated
2016-10-18
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
Max CVSS
7.5
EPSS Score
0.54%
Published
2003-06-16
Updated
2018-10-19
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.
Max CVSS
7.8
EPSS Score
2.41%
Published
2002-12-31
Updated
2008-09-05
Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
Max CVSS
5.0
EPSS Score
0.23%
Published
2002-12-31
Updated
2008-09-05
Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").
Max CVSS
5.0
EPSS Score
9.52%
Published
2002-12-11
Updated
2016-10-18
URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).
Max CVSS
7.5
EPSS Score
0.87%
Published
2002-07-26
Updated
2016-10-18
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-10-18
Updated
2017-12-19
Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.
Max CVSS
7.5
EPSS Score
4.62%
Published
2000-12-19
Updated
2017-10-10
Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.
Max CVSS
7.5
EPSS Score
0.95%
Published
2000-11-14
Updated
2017-10-10
Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.
Max CVSS
10.0
EPSS Score
1.02%
Published
1999-06-28
Updated
2008-09-10
Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.
Max CVSS
10.0
EPSS Score
2.88%
Published
1999-11-18
Updated
2008-09-10
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
Max CVSS
4.6
EPSS Score
0.05%
Published
1996-08-26
Updated
2017-12-19
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
Max CVSS
5.0
EPSS Score
0.92%
Published
1997-12-16
Updated
2018-10-12
15 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!