VYPR
Vendor

David Harris

Products
7
CVEs
19
Across products
20
Status
Private

Products

7

Recent CVEs

19
  • CVE-2017-9046HigMay 21, 2017
    risk 0.47cvss 7.3epss 0.01

    winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbitrary code in the DllMain function, then clicking on a mailto: link on a remote…

  • CVE-2004-1211Jan 10, 2005
    risk 0.09cvss epss 0.72

    Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6)…

  • CVE-2007-4440Aug 21, 2007
    risk 0.08cvss epss 0.65

    Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961.

  • CVE-2007-1373Mar 10, 2007
    risk 0.08cvss epss 0.59

    Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961.

  • CVE-2005-4411Dec 20, 2005
    risk 0.08cvss epss 0.65

    Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.

  • CVE-2004-2513Dec 31, 2004
    risk 0.04cvss epss 0.10

    Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.

  • CVE-2000-0930Dec 19, 2000
    risk 0.04cvss epss 0.08

    Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.

  • CVE-2009-3838Nov 2, 2009
    risk 0.03cvss epss 0.06

    Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message.

  • CVE-2007-5018Sep 20, 2007
    risk 0.03cvss epss 0.04

    Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.

  • CVE-2007-2814May 22, 2007
    risk 0.03cvss epss 0.05

    Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 allow remote attackers to execute arbitrary code via (1) a long FileName parameter, or unspecified vectors involving the (2) BeginReport, (3) CreatePictureExA, (4) DefineImage,…

  • CVE-2006-5961Nov 17, 2006
    risk 0.03cvss epss 0.02

    Buffer overflow in Mercury Mail Transport System 4.01b for Windows has unknown impact and attack vectors, as originally reported in a GLEG VulnDisco pack. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The original…

  • CVE-2002-1075Oct 4, 2002
    risk 0.03cvss epss 0.06

    Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.

  • CVE-2001-0442Jun 27, 2001
    risk 0.03cvss epss 0.05

    Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.

  • CVE-2020-10990Mar 26, 2020
    risk 0.00cvss epss 0.01

    An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.

  • CVE-2005-4444Dec 21, 2005
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply.

  • CVE-2005-4445Dec 21, 2005
    risk 0.00cvss epss 0.03

    Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message header, which triggers a one-byte buffer overflow.

  • CVE-2000-0931Dec 19, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data.

  • CVE-1999-1366May 15, 1999
    risk 0.00cvss epss 0.00

    Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.

  • CVE-1999-0098Apr 1, 1998
    risk 0.00cvss epss 0.03

    Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.