CVE-2000-0353

CVSS 2.0 Score 10 of 10 (high)

Details

Published Jun 28, 1999
Updated: Nov 20, 2024

Summary

CVE-2000-0353 is a vulnerability affecting Pine 4.x email clients. An attacker can exploit this weakness by crafting a malicious index.html file, which, when accessed, causes Pine to execute lynx and retrieve a uudecoded file from a malicious server. The decoded file is subsequently executed by Pine, allowing the attacker to execute arbitrary commands on the vulnerable system. This issue poses a significant risk as it allows remote code execution. Email users running Pine 4.x should update to a secure version or take appropriate measures to prevent access to potentially harmful files.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share