Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0930. PoCs published by Imran Ghory.
AI-analyzed exploit summary This exploit leverages a vulnerability in Pegasus Mail client where a malicious HTML image tag can force the client to send local files to an arbitrary email address without user interaction. The attack is triggered by loading a webpage containing the crafted `<img>` tag.
Description
Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.
Exploits (1)
This exploit leverages a vulnerability in Pegasus Mail client where a malicious HTML image tag can force the client to send local files to an arbitrary email address without user interaction. The attack is triggered by loading a webpage containing the crafted `<img>` tag.