David Harris Pegasus Mail — known CVE vulnerabilities
Every CVE whose affected-product data names David Harris Pegasus Mail, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2000-0931 — CVSS 7.5 (high): Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a…
CVE-2002-1075 — CVSS 7.5 (high): Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2005-4444 — CVSS 5.1 (medium): Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to…
CVE-2005-4445 — CVSS 5.1 (medium): Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message…
CVE-2000-0930 — CVSS 5.0 (medium): Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.
CVE-1999-1366 — CVSS 3.6 (low): Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to…