CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-3838

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile38.53th
Published2009年11月2日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message.

Affected Platforms (CPE)

📦
Pmail

Pegasus Mail

= 4.41
📦
Pmail

Pegasus Mail

= 4.51

References & Advisories

🔗 http://osvdb.org/59261
🔗 http://secunia.com/advisories/37134
🔗 http://www.packetstormsecurity.org/0910-exploits/pegasusmc-dos.txt
🔗 http://www.securityfocus.com/archive/1/507377/100/0/threaded
🔗 http://www.securityfocus.com/bid/36797
🔗 http://www.securitytracker.com/id?1023075
🔗 http://www.vupen.com/english/advisories/2009/3026
🔗 http://www.vupen.com/exploits/Pegasus_Mail_POP3_Message_Handling_Remote_Buffer_Overflow_Exploit_3026233.php

相关漏洞威胁

CVE-2004-251310.0

Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SE...

CVE-2002-10757.5

Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly ...

CVE-2000-09317.5

Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands ...

CVE-2017-90467.3

winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed ...