CVE-2007-1269

CVE-2007-1269 affects GNUMail 1.1.2 and earlier. The root cause is improper use of the --status-fd argument when invoking GnuPG, which prevents distinguishing between signed and unsigned portions of multi-component OpenPGP messages. This can allow remote attackers to forge message contents withou...