icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Pegasus Email Client < 4.31 Multiple Remote Overflows

Medium

Synopsis

The remote host is vulnerable to several remote buffer overflows.

Description

The remote host is running the Pegasus Email client. This version of Pegasus is vulnerable to two (2) distinct remote buffer overflows. In the first instance, an attacker, convincing a Pegasus user to connect to a malicious server, can cause a buffer overflow resulting in execution of arbitrary code. In the second instance, an attacker would need to be able to convince a Pegasus user to view the email 'headers'. Successful exploitation would result in the execution of arbitrary code.

Solution

Upgrade to version 4.31 or higher.