2 matches found
CVE-2007-1267
Sylpheed 2.2.7 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...
CVE-2007-1267
Sylpheed 2.2.7 and earlier improperly uses the --status-fd argument when invoking GnuPG, which prevents distinguishing between signed and unsigned portions of multi-component OpenPGP messages. This allows remote attackers to forge message contents without detection. Affected software and version:...