CVE-2000-0847

3 documents3 sources

Severity

7.5HIGH

EPSS

1.4%

top 19.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

University OF Washington Imap University OF Washington Pine

Timeline

PublishedNov 14

Latest updateApr 30

Description

Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDuniversity_of_washington/pine4.20, 4.21+1

▶NVDuniversity_of_washington/imap4.7b, 4.7c+1

🔴Vulnerability Details

GHSA

GHSA-gr5x-qv58-9jgc: Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands v↗2022-04-30

▶

CVEList

CVE-2000-0847: Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands v↗2001-01-22

▶