CyberSec.Space Logo
返回 CVE 浏览器

CVE-2000-0909

HIGH
7.5
CVSS Severity Score
EPSS Score0.0650%
EPSS Percentile21.40th
Published2000年12月19日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.

Affected Platforms (CPE)

📦
University Of Washington

Pine

= 4.0.4
📦
University Of Washington

Pine

= 4.10
📦
University Of Washington

Pine

= 4.21

References & Advisories

🔗 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html
🔗 http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3
🔗 http://www.redhat.com/support/errata/RHSA-2000-102.html
🔗 http://www.securityfocus.com/archive/1/84901
🔗 http://www.securityfocus.com/bid/1709
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5283
🔗 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc

相关漏洞威胁

CVE-2000-035310.0

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded...

CVE-2000-035210.0

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitra...

CVE-2002-23257.8

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows r...

CVE-2000-08477.5

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute ...