Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pine | University_of_washington | 4.30 | 4.30 |
Pine | University_of_washington | 4.21 | 4.21 |
Pine | University_of_washington | 4.44 | 4.44 |
Pine | University_of_washington | 4.33 | 4.33 |