Vulnerabilities (CVE)

Filtered by vendor David Harris Subscribe
Filtered by product Pegasus Mail
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-4445 1 David Harris 1 Pegasus Mail 2024-11-21 5.1 MEDIUM N/A
Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message header, which triggers a one-byte buffer overflow.
CVE-2005-4444 1 David Harris 1 Pegasus Mail 2024-11-21 5.1 MEDIUM N/A
Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply.
CVE-2002-1075 1 David Harris 1 Pegasus Mail 2024-11-20 7.5 HIGH N/A
Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.
CVE-2000-0931 1 David Harris 1 Pegasus Mail 2024-11-20 7.5 HIGH N/A
Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data.
CVE-2000-0930 1 David Harris 1 Pegasus Mail 2024-11-20 5.0 MEDIUM N/A
Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.
CVE-1999-1366 1 David Harris 1 Pegasus Mail 2024-11-20 3.6 LOW N/A
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.