CVSS: 9.8EPSS: 19%CPEs: 13EXPL: 2CVE-2003-0720 – Pine 4.56 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0720
12 Sep 2003 — Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. Desbordamiento de búfer en PINE anteriores a 4.58 permite a atacantes remotos ejecuta código arbitrario mediante un tipo MIME "message/external-body" malformado. • https://www.exploit-db.com/exploits/99 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2003-0721
https://notcve.org/view.php?id=CVE-2003-0721
12 Sep 2003 — Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. Error de falta de signo de entero en rfc2231_get_param de strings.c en PINE anteriores a 4.58 permite a atacantes remotos ejecutar mediante un correo electrónico que causa un acceso fuera de límites de un array usando un número negativo. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009850.html • CWE-129: Improper Validation of Array Index •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1903
https://notcve.org/view.php?id=CVE-2002-1903
31 Dec 2002 — Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information. • http://online.securityfocus.com/archive/1/276029 •
CVSS: 7.8EPSS: 3%CPEs: 5EXPL: 2CVE-2002-2325 – Pine 4.x - Empty MIME Boundary Denial of Service
https://notcve.org/view.php?id=CVE-2002-2325
31 Dec 2002 — The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. • https://www.exploit-db.com/exploits/21644 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 16%CPEs: 9EXPL: 2CVE-2002-1320 – Pine 4.x - 'From:' Heap Corruption
https://notcve.org/view.php?id=CVE-2002-1320
11 Dec 2002 — Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks ("). Pine 4.44 y anteriores permite a atacantes remotos causar una denegación de servicio (volcado del núcleo y fallo al reiniciar) mediante un mensaje de correo electrónico con una cabecera From que contiene un número largo de comillas ("). • https://www.exploit-db.com/exploits/21985 •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2002-0014
https://notcve.org/view.php?id=CVE-2002-0014
26 Jul 2002 — URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000460 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2001-0736 – University of Washington Pico 3.x/4.x - File Overwrite
https://notcve.org/view.php?id=CVE-2001-0736
12 Oct 2001 — Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/20493 •
CVSS: 9.8EPSS: 11%CPEs: 3EXPL: 2CVE-2000-0909 – UoW Pine 4.0.4/4.10/4.21 - 'From:' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0909
19 Dec 2000 — Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header. • https://www.exploit-db.com/exploits/20237 •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2000-0847
https://notcve.org/view.php?id=CVE-2000-0847
14 Nov 2000 — Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0425.html •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0CVE-2000-0352
https://notcve.org/view.php?id=CVE-2000-0352
18 Nov 1999 — Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL. • ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-036.0.txt •