Описание
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
Ссылки
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Broken LinkExploitPatchVendor Advisory
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken Link
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Broken LinkExploitPatchVendor Advisory
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия до 4.58 (исключая)
cpe:2.3:a:washington:pine:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02818
Низкий
7.5 High
CVSS2
Дефекты
CWE-129
Связанные уязвимости
redhat
почти 22 года назад
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
debian
почти 22 года назад
Integer signedness error in rfc2231_get_param from strings.c in PINE b ...
github
больше 3 лет назад
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
EPSS
Процентиль: 86%
0.02818
Низкий
7.5 High
CVSS2
Дефекты
CWE-129