CVE-2002-2325

Exploit

EPSS 3.66%
Published 31.12.2002 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

University Of Washington ≫ Pine Version4.20

University Of Washington ≫ Pine Version4.21

University Of Washington ≫ Pine Version4.30

University Of Washington ≫ Pine Version4.33

University Of Washington ≫ Pine Version4.44

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.66%	0.874

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://online.securityfocus.com/archive/1/284086

http://www.iss.net/security_center/static/9668.php

Patch

http://www.securityfocus.com/bid/5301

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2002-2325

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-2325

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-2325

EUVD