CyberSec.Space Logo
Back to CVE Browser

CVE-2002-2325

HIGH
7.8
CVSS Severity Score
EPSS Score0.0940%
EPSS Percentile28.02th
PublishedDec 31, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.

Affected Platforms (CPE)

πŸ“¦
University Of Washington

Pine

= 4.20
πŸ“¦
University Of Washington

Pine

= 4.21
πŸ“¦
University Of Washington

Pine

= 4.30
πŸ“¦
University Of Washington

Pine

= 4.33
πŸ“¦
University Of Washington

Pine

= 4.44

References & Advisories

πŸ”— http://online.securityfocus.com/archive/1/284086
πŸ”— http://www.iss.net/security_center/static/9668.php
πŸ”— http://www.securityfocus.com/bid/5301
πŸ”— http://online.securityfocus.com/archive/1/284086
πŸ”— http://www.iss.net/security_center/static/9668.php
πŸ”— http://www.securityfocus.com/bid/5301

Related Vulnerabilities

CVE-2000-035310.0

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded...

CVE-2000-035210.0

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitra...

CVE-2000-08477.5

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute ...

CVE-2000-09097.5

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary com...