Lucene search

[email protected]NVD:CVE-2009-3838

HistoryNov 02, 2009 - 3:30 p.m.

CVE-2009-3838

2009-11-0215:30:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

High

EPSS

0.027

Percentile

90.5%

JSON

Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message.

Affected configurations

Nvd

Node

pmailpegasus_mailMatch4.41

pmailpegasus_mailMatch4.51

VendorProductVersionCPE
pmailpegasus_mail4.41cpe:2.3:a:pmail:pegasus_mail:4.41:*:*:*:*:*:*:*
pmailpegasus_mail4.51cpe:2.3:a:pmail:pegasus_mail:4.51:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pmail	pegasus_mail	4.41	cpe:2.3:a:pmail:pegasus_mail:4.41:::::::*
pmail	pegasus_mail	4.51	cpe:2.3:a:pmail:pegasus_mail:4.51:::::::*

References

osvdb.org/59261

secunia.com/advisories/37134

www.packetstormsecurity.org/0910-exploits/pegasusmc-dos.txt

www.securityfocus.com/archive/1/507377/100/0/threaded

www.securityfocus.com/bid/36797

www.securitytracker.com/id?1023075

www.vupen.com/english/advisories/2009/3026

www.vupen.com/exploits/Pegasus_Mail_POP3_Message_Handling_Remote_Buffer_Overflow_Exploit_3026233.php

exchange.xforce.ibmcloud.com/vulnerabilities/53933

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

High

EPSS

0.027

Percentile

90.5%

JSON

Related for NVD:CVE-2009-3838

exploitdb1 openvas2 cvelist1 prion1 cve1