📦

pine

Vendor: university_of_washington

Actively Exploited 0 CISA KEV List

PoC / Exploits 5 Code Available

Total RCEs 6 Remote Access

Total CVEs 19 Total Indexed

Avg. EPSS 4.32% Exploit Prob.

Latest CVE CVE-2005-1066 May 02

Security Vulnerability Index

Page 2 / 2

7.5 CVSS

CVE-2000-0909

RCE Exploit Found

Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.

EPSS: 11.04%

Severity: HIGH

Dec 19, 2000

7.5 CVSS

CVE-2000-0847

RCE

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.

EPSS: 1.43%

Severity: HIGH

Nov 14, 2000

10.0 CVSS

CVE-2000-0352

RCE

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.

EPSS: 1.73%

Severity: HIGH

Nov 18, 1999

10.0 CVSS

CVE-2000-0353

RCE

Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.

EPSS: 3.36%

Severity: HIGH

Jun 28, 1999

0.0 CVSS

CVE-1999-0004

EPSS: 0.00%

Severity:

Jan 01, 0001

Displaying 5 of 19 Total Entries

1 2

Total 2 Sections