
CVSS: 7.5 | EPSS: 0% | CPEs: 3 | EXPL: 0

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.

• http://marc.info/?l=bugtraq&m=105294024124163&w=2
• http://www.redhat.com/support/errata/RHSA-2005-015.html
• http://www.redhat.com/support/errata/RHSA-2005-114.html
• http://www.securityfocus.com/archive/1/430302/100/0/threaded
• https://access.redhat.com/security/cve/CVE-2003-0297
• https://bugzilla.redhat.com/show_bug.cgi?id=1617017

CVSS: 2.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.

• http://online.securityfocus.com/archive/1/275127
• http://www.security.nnov.ru/advisories/courier.asp
• http://www.securityfocus.com/bid/4909
• http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1
• https://exchange.xforce.ibmcloud.com/vulnerabilities/9238

CVSS: 5.0 | EPSS: 0% | CPEs: 4 | EXPL: 0

Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.

• http://online.securityfocus.com/archive/1/276029
• http://www.iss.net/security_center/static/9297.php
• http://www.securityfocus.com/bid/4963

CVSS: 7.8 | EPSS: 2% | CPEs: 5 | EXPL: 2

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.

• https://www.exploit-db.com/exploits/21644
• http://online.securityfocus.com/archive/1/284086
• http://www.iss.net/security_center/static/9668.php
• http://www.securityfocus.com/bid/5301
• CWE-20: Improper Input Validation

CVSS: 5.0 | EPSS: 9% | CPEs: 9 | EXPL: 2

Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").

• https://www.exploit-db.com/exploits/21985
• http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551
• http://marc.info/?l=bugtraq&m=103668430620531&w=2
• http://marc.info/?l=bugtraq&m=103884988306241&w=2
• http://www.iss.net/security_center/static/10555.php
• http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php
• http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html
• http://www.novell.com/linux/security/advisories/2002_046_pine.html
• http://www&#