CVE-1999-1366

CVSS 2.0 Score 3.6 of 10 (low)

Details

Published May 15, 1999
Updated: Oct 18, 2016

Summary

CVE-1999-1366 is a vulnerability affecting Pegasus e-mail client version 3.0 and earlier. The issue lies in the weak encryption used to store POP3 passwords in the pmail.ini file. Local users can take advantage of this vulnerability to decrypt the passwords and gain unauthorized access to e-mail accounts. This weakness in security poses a significant risk to users' confidential data. It is recommended that affected users upgrade to a secure version of Pegasus e-mail client or take other measures to protect their passwords.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share