CVE-2007-3778

2007-07-15T18:30:00
ID CVE-2007-3778
Type cve
Reporter NVD
Modified 2017-07-28T21:32:32

Description

The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.php. NOTE: a parameter value can be set in the contents of an e-mail message.