Vendor: Pegasus Mail
By: SecurityFocus
CVSS: 7.5 (HIGH)
Buffer Overflow
CWE: 119
Product Name: Pegasus Mail
Affected Version From: 04.01
Affected Version To: 04.01
Patch Exists: Yes
Related CWE: N/A
CPE: //a:pegasus_mail
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, DOS
2002

Pegasus Mail Buffer Overflow Vulnerability

Pegasus Mail is vulnerable to a buffer overflow condition when processing some long message headers. If either the 'To:' or 'From:' message headers are longer than approximately 259 characters, Pegasus may crash when displaying the message.

Mitigation:

Upgrade to the latest version of Pegasus Mail
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5302/info

Pegasus Mail is an email client for Microsoft Windows and DOS based systems. A buffer overflow vulnerability has been reported in some versions of Pegasus Mail.

Reportedly, Pegasus is vulnerable to a buffer overflow condition when processing some long message headers. If either the 'To:' or 'From:' message headers are longer than approximately 259 characters, Pegasus may crash when displaying the message.

This issue has been reported in Pegasus Mail 4.01. Earlier versions may share this vulnerability; however, this has not been confirmed.
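A gateway-side check for the condition described above, as an added example that is not part of the original advisory: it unfolds RFC 822 continuation lines and reports 'To:' or 'From:' headers longer than the advisory's approximate 259-character figure. The function names, the exact cut-off and the choice to measure the whole unfolded header line are assumptions of this example.

```python
import re

# "Approximately 259 characters" comes from the advisory; treating it as an
# exact limit on the whole unfolded header line is an assumption of this example.
MAX_HEADER_LEN = 259
WATCHED = ("to", "from")

def unfold_headers(raw: bytes):
    """Yield (name, value) per header, joining folded continuation lines."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]  # headers only, no body
    name, value = None, b""
    for line in re.split(rb"\r?\n", head):
        if line[:1] in (b" ", b"\t") and name is not None:
            value += line              # folded continuation of previous header
            continue
        if name is not None:
            yield name, value
        name, sep, value = line.partition(b":")
        if not sep:
            name = None                # not a header line, ignore it
    if name is not None:
        yield name, value

def oversized_headers(raw: bytes, limit: int = MAX_HEADER_LEN):
    """Return [(header, length)] for To:/From: headers longer than limit."""
    hits = []
    for name, value in unfold_headers(raw):
        key = name.strip().decode("ascii", "replace").lower()
        length = len(name) + 1 + len(value)   # "Name" + ":" + unfolded value
        if key in WATCHED and length > limit:
            hits.append((key, length))
    return hits

# Constructed sample messages (not real mail).
BENIGN = b"From: alice@example.org\r\nTo: bob@example.org\r\n\r\nbody\r\n"
# Each physical To: line is under the limit; unfolded, the header is not.
# The long "To:" text in the body must not be reported.
FOLDED = (b"From: alice@example.org\r\nTo: " + b"a" * 150 + b",\r\n " +
          b"b" * 150 + b"@example.org\r\nSubject: x\r\n\r\nTo: " + b"c" * 400)

if __name__ == "__main__":
    for label, msg in (("benign", BENIGN), ("folded", FOLDED)):
        print(label, oversized_headers(msg))
```

A per-line length check would miss the folded sample, since neither physical line of its 'To:' header exceeds the limit on its own.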

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21648.zip