Filtered by vendor University Of Washington Subscriptions
Total 34 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-1066 1 University Of Washington 1 Pine 2025-04-03 N/A
Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.
CVE-2006-1392 1 University Of Washington 1 Pubcookie 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in the login server in University of Washington Pubcookie 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified inputs.
CVE-2005-0198 2 Redhat, University Of Washington 2 Enterprise Linux, Uw-imap 2025-04-03 N/A
A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users.
CVE-2002-1782 1 University Of Washington 1 Uw-imap 2025-04-03 N/A
The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
CVE-2002-2325 1 University Of Washington 1 Pine 2025-04-03 N/A
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.
CVE-2003-0300 8 Microsoft, Mozilla, Mutt and 5 more 8 Outlook Express, Mozilla, Mutt and 5 more 2025-04-03 N/A
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
CVE-2003-0297 2 Redhat, University Of Washington 4 Enterprise Linux, C-client, Imap-2002b and 1 more 2025-04-03 N/A
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
CVE-2005-2933 2 Redhat, University Of Washington 3 Enterprise Linux, Rhel Stronghold, Uw-imap 2025-04-03 N/A
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.
CVE-2000-0284 1 University Of Washington 1 Imap 2025-04-03 N/A
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
CVE-2006-1393 1 University Of Washington 1 Pubcookie 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.
CVE-1999-0004 3 Hp, Sco, University Of Washington 3 Dtmail, Unixware, Pine 2025-04-03 N/A
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
CVE-2006-1394 1 University Of Washington 1 Pubcookie 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft IIS ISAPI filter (aka application server module) in University of Washington Pubcookie 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.
CVE-1999-0005 2 Netscape, University Of Washington 2 Messaging Server, Imap 2025-04-03 N/A
Arbitrary command execution via IMAP buffer overflow in authenticate command.
CVE-1999-0202 1 University Of Washington 1 Wu-ftpd 2025-04-03 N/A
The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.