Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2002-12-30 21:00
Updated : 2008-09-05 13:31
NVD link : CVE-2002-1903
Mitre link : CVE-2002-1903
JSON object : View
CWE
Products Affected
university_of_washington
- pine