CVE-2005-1066

all versions

Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.

CVE-2003-0721

< 4.58

Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code

CVE-2003-0720

all versions

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME t

CVE-2003-0300

all versions

The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large li

CVE-2003-0297

all versions

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (cras

CVE-2002-2325

all versions

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows r

CVE-2002-1903

all versions

Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to

CVE-2002-1320

all versions

Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message wit

CVE-2002-0014

all versions

URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quot

CVE-2001-0736

<= 4.33

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arb

CVE-2000-0909

all versions

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary com

CVE-2000-0847

all versions

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute

CVE-2000-0352

all versions

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitra

CVE-2000-0353

all versions

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded

CVE-1999-0004

all versions

MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.

CVE-1999-1187

<= 3.94

Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user rece