Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.Referenceshttp://archives.neohapsis.com/archives/bugtraq/2000-10/0436.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-10/0039.htmlhttp://www.securityfocus.com/bid/1738https://exchange.xforce.ibmcloud.com/vulnerabilities/5326
