Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 allows user-assisted remote malicious users to install a key listed under the wrong user ID, and possibly cause the user to encrypt a victim's correspondence with this attacker-supplied key, via a key ID composed of the attacker's user ID, space characters, an invalid WinPT message, additional space characters, and the victim's user ID.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
winpt winpt 1.2.0 |