Vendor

PINE

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2001-0736	PINE PINE	0.03	—	0.01	Oct 18, 2001	Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
CVE-2003-0721	PINE PINE	0.00	—	0.04	Sep 17, 2003	Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
CVE-2002-0014	PINE PINE	0.00	—	0.02	Jul 26, 2002	URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).
CVE-2000-0352	PINE PINE	0.00	—	0.04	Nov 18, 1999	Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.

CVE-2001-0736Oct 18, 2001
PINE
PINE
risk 0.03cvss —epss 0.01
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
CVE-2003-0721Sep 17, 2003
PINE
PINE
risk 0.00cvss —epss 0.04
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
CVE-2002-0014Jul 26, 2002
PINE
PINE
risk 0.00cvss —epss 0.02
URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).
CVE-2000-0352Nov 18, 1999
PINE
PINE
risk 0.00cvss —epss 0.04
Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.