Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0720Improper Restriction of Operations within the Bounds of a Memory Buffer in OF Washington Pine

7 documents7 sources
Severity
7.5HIGHNVD
EPSS
19.3%
top 4.63%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
University OF Washington Pine
Timeline
PublishedSep 17
Latest updateApr 29

Description

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDuniversity_of_washington/pine13 versions+12

Patches

Patch: www.idefense.comPatch: www.redhat.comPatch: www.idefense.com

🔴Vulnerability Details

2
GHSA
GHSA-6ghc-crcm-37mf: Buffer overflow in PINE before 42022-04-29
CVEList
CVE-2003-0720: Buffer overflow in PINE before 42003-09-12

💥Exploits & PoCs

1
Exploit-DB
Pine 4.56 - Remote Buffer Overflow2003-09-16

📋Vendor Advisories

2
Red Hat
security flaw2003-09-10
Debian
CVE-2003-0720: alpine - Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary...2003

💬Community

1
Bugzilla
CVE-2003-0720 security flaw2018-08-16
CVE-2003-0720 — OF Washington Pine vulnerability | cvebase