Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 30/01/2007 Updated: 16/10/2018

CVSS v2 Base Score: 7.1 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 632

Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C

PGP Desktop prior to 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pgp corporate desktop 9.5

NVD-CWE-Other http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-pgp-desktop/http://secunia.com/advisories/23938 http://www.kb.cert.org/vuls/id/102465 http://www.securityfocus.com/bid/22247 http://securitytracker.com/id?1017563 http://securityreason.com/securityalert/2203 http://osvdb.org/32969 http://osvdb.org/32970 http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0025.html http://www.vupen.com/english/advisories/2007/0356 http://www.securityfocus.com/archive/1/458137/100/0/threaded https://nvd.nist.gov https://www.kb.cert.org/vuls/id/102465

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0603

Vulnerability Summary

References

Vulmon Search

About

Products

Connect