Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-3618
HistoryNov 22, 2010 - 1:00 p.m.

CVE-2010-3618

2010-11-2213:00:16
CWE-310
[email protected]
web.nvd.nist.gov
4

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON

PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does not properly implement the “Decrypt/Verify File via Right-Click” functionality for multi-packet OpenPGP messages that represent multi-message input, which allows remote attackers to spoof signed data by concatenating an additional message to the end of a legitimately signed message, related to a “piggy-back” or “unsigned data injection” issue.

Affected configurations

Nvd
Node
pgpdesktop_for_windowsRange10.0.3sp1
OR
pgpdesktop_for_windowsMatch10.0.0
OR
pgpdesktop_for_windowsMatch10.0.1
OR
pgpdesktop_for_windowsMatch10.0.2
OR
pgpdesktop_for_windowsMatch10.0.3
OR
pgpdesktop_for_windowsMatch10.1.0
Node
pgpdesktop_for_macRange10.0.3sp1
OR
pgpdesktop_for_macMatch10.0.0
OR
pgpdesktop_for_macMatch10.0.1
OR
pgpdesktop_for_macMatch10.0.2
OR
pgpdesktop_for_macMatch10.0.3
OR
pgpdesktop_for_macMatch10.1.0
VendorProductVersionCPE
pgpdesktop_for_windows*cpe:2.3:a:pgp:desktop_for_windows:*:sp1:*:*:*:*:*:*
pgpdesktop_for_windows10.0.0cpe:2.3:a:pgp:desktop_for_windows:10.0.0:*:*:*:*:*:*:*
pgpdesktop_for_windows10.0.1cpe:2.3:a:pgp:desktop_for_windows:10.0.1:*:*:*:*:*:*:*
pgpdesktop_for_windows10.0.2cpe:2.3:a:pgp:desktop_for_windows:10.0.2:*:*:*:*:*:*:*
pgpdesktop_for_windows10.0.3cpe:2.3:a:pgp:desktop_for_windows:10.0.3:*:*:*:*:*:*:*
pgpdesktop_for_windows10.1.0cpe:2.3:a:pgp:desktop_for_windows:10.1.0:*:*:*:*:*:*:*
pgpdesktop_for_mac*cpe:2.3:a:pgp:desktop_for_mac:*:sp1:*:*:*:*:*:*
pgpdesktop_for_mac10.0.0cpe:2.3:a:pgp:desktop_for_mac:10.0.0:*:*:*:*:*:*:*
pgpdesktop_for_mac10.0.1cpe:2.3:a:pgp:desktop_for_mac:10.0.1:*:*:*:*:*:*:*
pgpdesktop_for_mac10.0.2cpe:2.3:a:pgp:desktop_for_mac:10.0.2:*:*:*:*:*:*:*
Rows per page:
1-10 of 121

Related

cve 1
openvas 2
cert 1
prion 1
cvelist 1
symantec 1
cve
cve
CVE-2010-3618
2010-11-22 13:00:16
openvas
openvas
PGP Desktop Signed Data Spoofing Vulnerability
2010-12-09 00:00:00
PGP Desktop Signed Data Spoofing Vulnerability
2010-12-09 00:00:00
cert
cert
PGP Desktop unsigned data injection vulnerability
2010-11-18 00:00:00
prion
prion
Design/Logic Flaw
2010-11-22 13:00:00
cvelist
cvelist
CVE-2010-3618
2010-11-20 21:00:00
symantec
symantec
PGP Desktop Unsigned Data Insertion
2010-11-18 08:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON
Related for NVD:CVE-2010-3618
cve1openvas2cert1prion1cvelist1symantec1