CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0847

HIGH
7.5
CVSS Severity Score
EPSS Score0.1280%
EPSS Percentile28.22th
PublishedNov 14, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.

Affected Platforms (CPE)

πŸ“¦
University Of Washington

Imap

= 4.7b
πŸ“¦
University Of Washington

Imap

= 4.7c
πŸ“¦
University Of Washington

Pine

= 4.20
πŸ“¦
University Of Washington

Pine

= 4.21

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-08/0425.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-08/0437.html
πŸ”— http://archives.neohapsis.com/archives/freebsd/2000-09/0108.html
πŸ”— http://www.securityfocus.com/bid/1646
πŸ”— http://www.securityfocus.com/bid/1687
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5223
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-08/0425.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-08/0437.html

Related Vulnerabilities

CVE-1999-000510.0

Arbitrary command execution via IMAP buffer overflow in authenticate command.

CVE-1999-092010.0

Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command.

CVE-1999-004210.0

Buffer overflow in University of Washington's implementation of IMAP and POP servers.

CVE-2000-023310.0

SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.