Main Vulnerability Database Vulnerabilities #VU38966

Input validation error in pegasus - CVE-2017-9046

Published: May 21, 2017 / Updated: August 8, 2020

Vulnerability identifier: #VU38966

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-9046

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: romjacket

Affected software:
pegasus

Detailed vulnerability description

The vulnerability allows a local authenticated user to execute arbitrary code.

winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbitrary code in the DllMain function, then clicking on a mailto: link on a remote web page triggers the attack.

How to mitigate CVE-2017-9046

Install update from vendor's website.

Sources

https://packetstormsecurity.com/files/142606/Pegasus-4.72-Build-572-Remote-Code-Execution.html

Input validation error in pegasus - CVE-2017-9046

Detailed vulnerability description

How to mitigate CVE-2017-9046

Sources

Please verify you're human