CVE-2002-2325

Description

The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.

Affected products

• university_of_washington / pine4.20 – 4.20
• university_of_washington / pine4.21 – 4.21
• university_of_washington / pine4.30 – 4.30
• university_of_washington / pine4.33 – 4.33
• university_of_washington / pine4.44 – 4.44

References

• MISChttp://www.iss.net/security_center/static/9668.php
• MISChttp://online.securityfocus.com/archive/1/284086
• MISChttp://www.securityfocus.com/bid/5301