15 matches found
EUVD-2008-7225
Malware in sbrugna...
EUVD-2008-7226
Malware in sbrugna...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
Design/Logic Flaw
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
CVE-2008-7273 describes a symlink issue in Iceweasel-firegpg before 0.6 caused by insecure tempfile handling. Affected component is Iceweasel-firegpg; root cause is insecure tempfile handling leading to a symlink-related vulnerability. The CVSS data in the linked records indicates a local attack ...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
Iceweasel-firegpg Backlink Vulnerability
Iceweasel-firegpg is a content encryption package for the Iceweasel browser. A backlink vulnerability in Iceweasel-firegpg versions prior to 0.6, which stems from a network system or product that does not properly filter filenames of links or shortcuts that represent unintended resources, can be...
CVE-2008-7272
FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key...
Code injection
FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key...
CVE-2008-7272
CVE-2008-7272 affects FireGPG before 0.6. The issue arises from insecure handling of the user’s passphrase and decrypted cleartext, which are written to disk as pre-encrypted cleartext and the passphrase. This can lead to the compromise of secure communications or the user’s private key. The prov...
CVE-2008-7272
FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key...
FireGPG Passphrase And Cleartext Vulnerability
======================================================================== Vulnerability Affecting FireGPG Passphrase and Cleartext Recovery 10/20/2008 Abstract FireGPG is a Firefox extension that provides a front-end to GPG, allowing webmail users to conveniently exchange GPG messages from Firefox...
FireGPG multiple security vulnerabilities
Information leakage with temporary files, insecure temporary files creation...
FireGPG PGP Key Issuer Name HTML Injection Vulnerability
FireGPG is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the website that the application is triggered from,...