25 matches found
EUVD-2007-3620
Malware in sbrugna...
EUVD-2007-3618
Malware in sbrugna...
EUVD-2006-4159
Malware in sbrugna...
EUVD-2007-3619
Malware in sbrugna...
EUVD-2005-1926
Malware in sbrugna...
EUVD-2007-3762
Malware in sbrugna...
EUVD-2007-3763
Malware in sbrugna...
SUSE CVE-2006-4169
Multiple directory traversal vulnerabilities in the G/PGP GPG Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. dot dot in the help parameter to 1 gpghelp.php or 2 gpghelpbase.php...
SUSE CVE-2007-3634
Unspecified vulnerability in the G/PGP GPG Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpgsignattachment function, aka ZD-00000004. this information is based upon a...
Bloop Airmail GPG-PGP Plugin Data Forgery Issue Vulnerability
Bloop Airmail is an email application from Bloop Italy.GPG-PGP Plugin is one of the encryption components. A data forgery issue vulnerability exists in Bloop Airmail GPG-PGP Plugin 1.0 9 and prior versions, which arises from a networked system or product that does not adequately validate the orig...
CVE-2007-3634
Unspecified vulnerability in the G/PGP GPG Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpgsignattachment function, aka ZD-00000004. this information is based upon a...
Two vulnerabilities in SquirrelMail GPG plugin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Site address: http://www.braverock.com/gpg SquirrelMail plugin page: http://www.squirrelmail.org/pluginview.php?id=153 1 issue - Deletion of files writable by web server user SquirrelMail GPG plugin allows end users to delete or overwrite files writab...
Code injection
The G/PGP GPG Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpgchecksignpgpmime function in gpghookfunctions.php. NOTE: a parameter value can be set in the contents ...
CVE-2006-4169
Multiple directory traversal vulnerabilities in the G/PGP GPG Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. dot dot in the help parameter to 1 gpghelp.php or 2 gpghelpbase.php...
CVE-2005-1924
The CVE-2005-1924 issue affects the G/PGP plugin for SquirrelMail (2.1 and earlier). It allows an authenticated remote user to execute arbitrary commands by injecting shell metacharacters in the fpr parameter to deleteKey (via gpg_keyring.php called by import_key_file.php, import_key_text.php, an...
CVE-2007-3634
Unspecified vulnerability in the G/PGP GPG Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpgsignattachment function, aka ZD-00000004. this information is based upon a...
CVE-2007-3635
Multiple unspecified vulnerabilities in the G/PGP GPG Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634...
Information disclosure
Unspecified vulnerability in the G/PGP GPG Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpgsignattachment function, aka ZD-00000004. this information is based upon a...
CVE-2007-3636
Multiple unspecified vulnerabilities in the G/PGP GPG Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher...
CVE-2007-3634
CVE-2007-3634 concerns the G/PGP (GPG) Plugin 2.0 for Squirrelmail 1.4.10a. A remote authenticated attacker could execute arbitrary commands via an unspecified vector, with potential ties to the passphrase variable in the gpg_sign_attachment function. The available documents do not provide a conc...