Pegasus Mail Multiple Remote Code Execution Vulnerabilities

Pegasus Mail Multiple Remote Code Execution Vulnerabilities

Pegasus Mail is prone to multiple remote code execution vulnerabilities.

The following specific vulnerabilities were identified:

A buffer overflow vulnerability arises when the application handles a malformed POP3 reply from a server.

An off-by-one buffer overflow vulnerability arises when the application handles a malicious email message.

Pegasus Mail 4.21c and 4.30PB1 are reportedly vulnerable. Other versions may be affected as well.