Pegasus Email Client < 4.31 Multiple Remote Overflows
Medium Nessus Network Monitor Plugin ID 3332
SynopsisThe remote host is vulnerable to several remote buffer overflows.
DescriptionThe remote host is running the Pegasus Email client. This version of Pegasus is vulnerable to two (2) distinct remote buffer overflows. In the first instance, an attacker, convincing a Pegasus user to connect to a malicious server, can cause a buffer overflow resulting in execution of arbitrary code. In the second instance, an attacker would need to be able to convince a Pegasus user to view the email 'headers'. Successful exploitation would result in the execution of arbitrary code.
SolutionUpgrade to version 4.31 or higher.