David Harris: >> Pegasus Mail Security Vulnerabilities
Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply.
CVSS Score
5.1
EPSS Score
0.063
Published
2005-12-21
Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message header, which triggers a one-byte buffer overflow.
CVSS Score
5.1
EPSS Score
0.048
Published
2005-12-21
Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.
CVSS Score
7.5
EPSS Score
0.073
Published
2002-10-04
Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.
CVSS Score
5.0
EPSS Score
0.051
Published
2000-12-19
Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data.
CVSS Score
7.5
EPSS Score
0.012
Published
2000-12-19
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.
CVSS Score
3.6
EPSS Score
0.001
Published
1999-05-15