CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
89.7%
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.
Vendor | Product | Version | CPE |
---|---|---|---|
university_of_washington | pine | 4.20 | cpe:2.3:a:university_of_washington:pine:4.20:*:*:*:*:*:*:* |
university_of_washington | pine | 4.21 | cpe:2.3:a:university_of_washington:pine:4.21:*:*:*:*:*:*:* |
university_of_washington | pine | 4.30 | cpe:2.3:a:university_of_washington:pine:4.30:*:*:*:*:*:*:* |
university_of_washington | pine | 4.33 | cpe:2.3:a:university_of_washington:pine:4.33:*:*:*:*:*:*:* |
university_of_washington | pine | 4.44 | cpe:2.3:a:university_of_washington:pine:4.44:*:*:*:*:*:*:* |