15 results (0.011 seconds)

CVSS: 1.2EPSS: 0%CPEs: 1EXPL: 0

Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack. • http://msgs.securepoint.com/cgi-bin/get/bugtraq0504/126.html http://secunia.com/advisories/14899 http://www.osvdb.org/15456 •

CVSS: 7.5EPSS: 27%CPEs: 13EXPL: 2

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. Desbordamiento de búfer en PINE anteriores a 4.58 permite a atacantes remotos ejecuta código arbitrario mediante un tipo MIME "message/external-body" malformado. • https://www.exploit-db.com/exploits/99 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0099.html http://marc.info/?l=bugtraq&m=106322571805153&w=2 http://marc.info/?l=bugtraq&m=106329356702508&w=2 http://www.idefense.com/advisory/09.10.03.txt http://www.redhat.com/support/errata/RHSA-2003-273.html http://www.redhat.com/support/errata/RHSA-2003-274.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A499 https://access& •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors. El cliente IMAP, usado en imap-2002b y Pine 4.53, permite que servidores IMAP dañinos originen una denegación de servicio (caída) y posiblemente ejecuten código arbitrario mediante ciertos valores de mailbox deamasiado grandes (lo que causa un desbordamiento de búfer de enteros). • http://marc.info/?l=bugtraq&m=105294024124163&w=2 http://www.redhat.com/support/errata/RHSA-2005-015.html http://www.redhat.com/support/errata/RHSA-2005-114.html http://www.securityfocus.com/archive/1/430302/100/0/threaded https://access.redhat.com/security/cve/CVE-2003-0297 https://bugzilla.redhat.com/show_bug.cgi?id=1617017 •

CVSS: 5.0EPSS: 1%CPEs: 9EXPL: 0

The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. El cliente IMAP para Sylpheed 0.8.11 permite que servidores IMAP remotos dañinos originen una denegación de servicio (caída) mediante ciertos tamaños literales muy largos que causan desbordamientos de búfer de enteros. • http://marc.info/?l=bugtraq&m=105294024124163&w=2 •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information. • http://online.securityfocus.com/archive/1/276029 http://www.iss.net/security_center/static/9297.php http://www.securityfocus.com/bid/4963 •