Vulnerability Details CVE-2000-0909
Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.11
EPSS Ranking 93.0%
CVSS Severity
CVSS v2 Score 7.5
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html
- http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3
- http://www.redhat.com/support/errata/RHSA-2000-102.html
- http://www.securityfocus.com/archive/1/84901
- http://www.securityfocus.com/bid/1709
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5283
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html
- http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3
- http://www.redhat.com/support/errata/RHSA-2000-102.html
- http://www.securityfocus.com/archive/1/84901
- http://www.securityfocus.com/bid/1709
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5283
Products affected by CVE-2000-0909
-
cpe:2.3:a:university_of_washington:pine:4.0.4
-
cpe:2.3:a:university_of_washington:pine:4.10
-
cpe:2.3:a:university_of_washington:pine:4.21