Lucene search

MitreCVE-2001-0996

HistoryFeb 02, 2002 - 5:00 a.m.

CVE-2001-0996

2002-02-0205:00:00

mitre

web.nvd.nist.gov

cve-2001-0996

pop3lite

0.2.4

email security

vulnerability

remote attack

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

7.1

Confidence

High

EPSS

0.004

Percentile

72.3%

JSON

POP3Lite before 0.2.4 does not properly quote a . (dot) in an email message, which could allow a remote attacker to append arbitrary text to the end of an email message, which could then be interpreted by various mail clients as valid POP server responses or other input that could cause clients to crash or otherwise behave unexpectedly.

Affected configurations

Nvd

Node

pop3litepop3liteMatch0.2.3

pop3litepop3liteMatch0.2.3b

VendorProductVersionCPE
pop3litepop3lite0.2.3cpe:2.3:a:pop3lite:pop3lite:0.2.3:*:*:*:*:*:*:*
pop3litepop3lite0.2.3bcpe:2.3:a:pop3lite:pop3lite:0.2.3b:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pop3lite	pop3lite	0.2.3	cpe:2.3:a:pop3lite:pop3lite:0.2.3:::::::*
pop3lite	pop3lite	0.2.3b	cpe:2.3:a:pop3lite:pop3lite:0.2.3b:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-08/0436.html

www.securityfocus.com/bid/3278

exchange.xforce.ibmcloud.com/vulnerabilities/7075

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

7.1

Confidence

High

EPSS

0.004

Percentile

72.3%

JSON

Related for CVE-2001-0996