25 matches found
UBUNTU-CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...
CVE-2010-3618
PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does not properly implement the "Decrypt/Verify File via Right-Click" functionality for multi-packet OpenPGP messages that represent multi-message input, which allows remote attackers to spoof signed data by concatenating an...
Design/Logic Flaw
PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does not properly implement the "Decrypt/Verify File via Right-Click" functionality for multi-packet OpenPGP messages that represent multi-message input, which allows remote attackers to spoof signed data by concatenating an...
CVE-2010-3618
CVE-2010-3618 affects PGP Desktop versions 10.0.x prior to 10.0.3 SP2 and 10.1.0 prior to 10.1.0 SP1. The vulnerability lies in the Decrypt/Verify File via Right-Click workflow for multi-packet OpenPGP messages, enabling a remote attacker to spoof signed data by appending an unsigned/extra messag...
PT-2002-2419 · Pgp +1 · Pgp +1
Name of the Vulnerable Software and Affected Versions: Microsoft Outlook plug-in PGP versions 7.0, 7.0.3, and 7.0.4 Description: The issue arises when the "Automatically decrypt/verify when opening messages" option is checked and the "Always use Secure Viewer when decrypting" option is not checke...