CVE-2005-4445

Name of the Vulnerable Software and Affected Versions Pegasus Mail versions 4.21a through 4.21c Pegasus Mail version 4.30PB1

Description The issue is caused by an off-by-one error, which leads to a one-byte buffer overflow when a long email message header is processed. This can be exploited by remote attackers to execute arbitrary code.

Recommendations For Pegasus Mail versions 4.21a through 4.21c, update to a version outside of this range to mitigate the risk. For Pegasus Mail version 4.30PB1, update to a newer version to resolve the issue. As a temporary workaround, consider restricting the length of email message headers to prevent the buffer overflow until a patch is available.