Vulnerabilities > David Harris > Pegasus Mail
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-21 | CVE-2005-4445 | Remote Code Execution vulnerability in Pegasus Mail Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message header, which triggers a one-byte buffer overflow. | 5.1 |
| 2005-12-21 | CVE-2005-4444 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in David Harris Pegasus Mail Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply. | 5.1 |
| 2002-10-04 | CVE-2002-1075 | Buffer Overflow vulnerability in Pegasus Mail Message Header Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers. | 7.5 |
| 2000-12-19 | CVE-2000-0931 | Buffer Overflow vulnerability in David Harris Pegasus Mail 3.11 Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data. | 7.5 |
| 2000-12-19 | CVE-2000-0930 | Unspecified vulnerability in David Harris Pegasus Mail 3.12 Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch. | 5.0 |
| 1999-05-15 | CVE-1999-1366 | Unspecified vulnerability in David Harris Pegasus Mail Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail. | 3.6 |