CVE-1999-1366

CVSS 2.0 Score 3.6 of 10 (low)

Details

Published May 15, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1366: Pegasus e-mail client versions prior to 3.0 store POP3 passwords in an insecure manner in the pmail.ini file. This vulnerability allows local users to decrypt the weakly encrypted passwords and subsequently gain unauthorized access to e-mail accounts. This issue poses a significant risk for confidential information disclosure and should be addressed by updating to the latest version of the Pegasus e-mail client or implementing stronger password storage methods.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlXHD
https://www.cve.org/CVERecord?id=CVE-1999-1366
https://nvd.nist.gov/vuln/detail/CVE-1999-1366

Back to Vulnerability Database

CVE-1999-1366

CVSS 2.0 Score 3.6 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations