winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbitrary code in the DllMain function, then clicking on a mailto: link on a remote web page triggers the attack.
Max CVSS
7.3
EPSS Score
0.05%
Published
2017-05-21
Updated
2017-06-02
Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message.
Max CVSS
9.3
EPSS Score
3.09%
Published
2009-11-02
Updated
2018-10-10

CVE-2007-4440

Public exploit
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961.
Max CVSS
7.5
EPSS Score
74.49%
Published
2007-08-21
Updated
2017-09-29

CVE-2007-1373

Public exploit
Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961.
Max CVSS
10.0
EPSS Score
84.27%
Published
2007-03-10
Updated
2017-07-29
Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.
Max CVSS
10.0
EPSS Score
4.17%
Published
2004-12-31
Updated
2017-10-19
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.
Max CVSS
10.0
EPSS Score
0.84%
Published
1998-04-01
Updated
2022-08-17
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!