2 matches found
CVE-2007-3635
Multiple unspecified vulnerabilities in the G/PGP GPG Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634...
CVE-2007-3635
The CVE-2007-3635 entry details a vulnerability in the SquirrelMail G/PGP plugin prior to version 2.1. The root cause is improper escaping of user-supplied data in functions such as deletekey(), gpg_check_sign_pgp_mime(), and gpg_recv_key(), allowing a local authenticated user to inject commands....