GCVE - cpe:2.3:a:university_of_washington:pine:4.21:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:university_of_washington:pine:4.21:*:*:*:*:*:*:*

part: a version: 4.21 update: *

Vendor	University Of Washington (`ed089f73-e94b-52cd-87e8-787fe2b5154b`)
Product	Pine (`877b69b3-f81a-5840-87e3-57073f56e07b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2003-0720`	vulnerable	2026-06-08 04:47:22.310275	Details available Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. Published: 2003-09-12T04:00:00.000Z Updated: 2024-08-08T02:05:12.459Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2003-274.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0099.html http://marc.info/?l=bugtraq&m=106329356702508&w=2 http://www.redhat.com/support/errata/RHSA-2003-273.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A499	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2325`	vulnerable	2026-06-08 04:47:19.702769	Details available The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. Published: 2007-10-26T19:00:00.000Z Updated: 2024-09-16T17:58:57.396Z Open on db.gcve.eu Reference links http://www.iss.net/security_center/static/9668.php http://online.securityfocus.com/archive/1/284086 http://www.securityfocus.com/bid/5301	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1903`	vulnerable	2026-06-08 04:47:18.440789	Details available Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information. Published: 2005-06-28T04:00:00.000Z Updated: 2024-09-16T22:21:08.298Z Open on db.gcve.eu Reference links http://www.iss.net/security_center/static/9297.php http://online.securityfocus.com/archive/1/276029 http://www.securityfocus.com/bid/4963	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1320`	vulnerable	2026-06-08 04:46:23.416369	Details available Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks ("). Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:28.587Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2002-270.html http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php http://www.iss.net/security_center/static/10555.php http://www.securityfocus.com/bid/6120 http://marc.info/?l=bugtraq&m=103668430620531&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0014`	vulnerable	2026-06-08 04:46:20.394063	Details available URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&). Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T02:35:17.470Z Open on db.gcve.eu Reference links http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000460 http://www.securityfocus.com/bid/3815 http://rhn.redhat.com/errata/RHSA-2002-009.html http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-015 http://marc.info/?l=bugtraq&m=101027841605918&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0909`	vulnerable	2026-06-08 04:45:18.955656	Details available Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header. Published: 2001-01-22T05:00:00.000Z Updated: 2024-08-08T05:37:31.349Z Open on db.gcve.eu Reference links ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc http://www.redhat.com/support/errata/RHSA-2000-102.html http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html http://www.securityfocus.com/bid/1709 http://www.securityfocus.com/archive/1/84901	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0847`	vulnerable	2026-06-08 04:45:18.854867	Details available Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header. Published: 2001-01-22T05:00:00.000Z Updated: 2024-08-08T05:37:30.638Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2000-08/0437.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0425.html http://www.securityfocus.com/bid/1646 http://www.securityfocus.com/bid/1687 http://archives.neohapsis.com/archives/freebsd/2000-09/0108.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0352`	vulnerable	2026-06-08 04:44:58.466813	Details available Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL. Published: 2000-07-12T04:00:00.000Z Updated: 2024-08-08T05:14:21.497Z Open on db.gcve.eu Reference links ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-036.0.txt http://www.securityfocus.com/bid/810 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9911171818220.12375-100000%40ray.compu-aid.com http://www.novell.com/linux/security/advisories/suse_security_announce_36.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Pine

PURL mappings

Vulnerability references

Contribute