CVE-2003-0297 — OF Washington Pine vulnerability

9 documents7 sources

Severity

7.5HIGHNVD

EPSS

0.9%

top 24.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

University OF Washington Pine

Timeline

PublishedJun 16

Latest updateApr 29

Description

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDuniversity_of_washington/pine4.53

🔴Vulnerability Details

GHSA

GHSA-22ph-2jjc-cggf: c-client IMAP Client, as used in imap-2002b and Pine 4↗2022-04-29

▶

OSV

CVE-2003-0297: c-client IMAP Client, as used in imap-2002b and Pine 4↗2003-06-16

▶

CVEList

CVE-2003-0297: c-client IMAP Client, as used in imap-2002b and Pine 4↗2003-05-15

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-05-14

▶

Debian

CVE-2003-0297: alpine - c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicio...↗2003

▶

💬Community

Bugzilla

CVE-2003-0297 security flaw↗2018-08-16

▶