15 matches found
EUVD-2008-7225
Malware in sbrugna...
EUVD-2008-7226
Malware in sbrugna...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
Design/Logic Flaw
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
CVE-2008-7273 describes a symlink issue in Iceweasel-firegpg before 0.6 caused by insecure tempfile handling. Affected component is Iceweasel-firegpg; root cause is insecure tempfile handling leading to a symlink-related vulnerability. The CVSS data in the linked records indicates a local attack ...
Iceweasel-firegpg Backlink Vulnerability
Iceweasel-firegpg is a content encryption package for the Iceweasel browser. A backlink vulnerability in Iceweasel-firegpg versions prior to 0.6, which stems from a network system or product that does not properly filter filenames of links or shortcuts that represent unintended resources, can be...
CVE-2008-7272
FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key...
Code injection
FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key...
CVE-2008-7272
CVE-2008-7272 affects FireGPG before 0.6. The issue arises from insecure handling of the user’s passphrase and decrypted cleartext, which are written to disk as pre-encrypted cleartext and the passphrase. This can lead to the compromise of secure communications or the user’s private key. The prov...
CVE-2008-7272
FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key...
FireGPG multiple security vulnerabilities
Information leakage with temporary files, insecure temporary files creation...
FireGPG Passphrase And Cleartext Vulnerability
======================================================================== Vulnerability Affecting FireGPG Passphrase and Cleartext Recovery 10/20/2008 Abstract FireGPG is a Firefox extension that provides a front-end to GPG, allowing webmail users to conveniently exchange GPG messages from Firefox...
FireGPG PGP Key Issuer Name HTML Injection Vulnerability
FireGPG is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the website that the application is triggered from,...