CVSS: 7.5EPSS: 27%CPEs: 13EXPL: 2CVE-2003-0720 – Pine 4.56 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0720
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. Desbordamiento de búfer en PINE anteriores a 4.58 permite a atacantes remotos ejecuta código arbitrario mediante un tipo MIME "message/external-body" malformado. • https://www.exploit-db.com/exploits/99 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0099.html http://marc.info/?l=bugtraq&m=106322571805153&w=2 http://marc.info/?l=bugtraq&m=106329356702508&w=2 http://www.idefense.com/advisory/09.10.03.txt http://www.redhat.com/support/errata/RHSA-2003-273.html http://www.redhat.com/support/errata/RHSA-2003-274.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A499 https://access& •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 1CVE-2003-0721
https://notcve.org/view.php?id=CVE-2003-0721
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. Error de falta de signo de entero en rfc2231_get_param de strings.c en PINE anteriores a 4.58 permite a atacantes remotos ejecutar mediante un correo electrónico que causa un acceso fuera de límites de un array usando un número negativo. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009850.html http://marc.info/?l=bugtraq&m=106329356702508&w=2 http://marc.info/?l=bugtraq&m=106367213400313&w=2 http://www.idefense.com/advisory/09.10.03.txt http://www.redhat.com/support/errata/RHSA-2003-273.html http://www.redhat.com/support/errata/RHSA-2003-274.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A503 https://access.redhat.com/security/cve/CVE-2003& • CWE-129: Improper Validation of Array Index •
CVSS: 5.0EPSS: 9%CPEs: 9EXPL: 2CVE-2002-1320 – Pine 4.x - 'From:' Heap Corruption
https://notcve.org/view.php?id=CVE-2002-1320
Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks ("). Pine 4.44 y anteriores permite a atacantes remotos causar una denegación de servicio (volcado del núcleo y fallo al reiniciar) mediante un mensaje de correo electrónico con una cabecera From que contiene un número largo de comillas ("). • https://www.exploit-db.com/exploits/21985 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551 http://marc.info/?l=bugtraq&m=103668430620531&w=2 http://marc.info/?l=bugtraq&m=103884988306241&w=2 http://www.iss.net/security_center/static/10555.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html http://www.novell.com/linux/security/advisories/2002_046_pine.html http://www&# •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 1CVE-2001-0736 – University of Washington Pico 3.x/4.x - File Overwrite
https://notcve.org/view.php?id=CVE-2001-0736
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/20493 http://marc.info/?l=bugtraq&m=98749102621604&w=2 http://marc.info/?l=bugtraq&m=99106787825229&w=2 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0 http://www.redhat.com/support/errata/RHSA-2001-042.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6367 •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 2CVE-2000-0909 – UoW Pine 4.0.4/4.10/4.21 - 'From:' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0909
Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header. • https://www.exploit-db.com/exploits/20237 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3 http://www.redhat.com/support/errata/RHSA-2000-102.html http://www.securityfocus.com/archive/1/84901 http://www.securityfocus.com/bid/1709 https://exchange.xforce.ibmcloud.com/vulnerabilities/5283 •