CyberSec.Space Logo
返回 CVE 浏览器

CVE-2002-2325

HIGH
7.8
CVSS Severity Score
EPSS Score0.0940%
EPSS Percentile28.02th
Published2002年12月31日
Last Modified2026年4月16日

Vulnerability Description

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.

Affected Platforms (CPE)

📦
University Of Washington

Pine

= 4.20
📦
University Of Washington

Pine

= 4.21
📦
University Of Washington

Pine

= 4.30
📦
University Of Washington

Pine

= 4.33
📦
University Of Washington

Pine

= 4.44

References & Advisories

🔗 http://online.securityfocus.com/archive/1/284086
🔗 http://www.iss.net/security_center/static/9668.php
🔗 http://www.securityfocus.com/bid/5301
🔗 http://online.securityfocus.com/archive/1/284086
🔗 http://www.iss.net/security_center/static/9668.php
🔗 http://www.securityfocus.com/bid/5301

相关漏洞威胁

CVE-2000-035310.0

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded...

CVE-2000-035210.0

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitra...

CVE-2000-08477.5

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute ...

CVE-2000-09097.5

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary com...