Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1320 — OF Washington Pine vulnerability

6 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

16.4%

top 5.13%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

University OF Washington Pine

Timeline

PublishedDec 11

Latest updateApr 30

Description

Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDuniversity_of_washington/pine9 versions+8

Patches

Patch: www.redhat.com ↗Patch: www.securityfocus.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-vhmc-868h-cjpg: Pine 4↗2022-04-30

▶

CVEList

CVE-2002-1320: Pine 4↗2004-09-01

▶

💥Exploits & PoCs

Exploit-DB

Pine 4.x - 'From:' Heap Corruption↗2002-11-07

▶

📋Vendor Advisories

Red Hat

security flaw↗2002-11-07

▶

💬Community

Bugzilla

CVE-2002-1320 security flaw↗2018-08-16

▶