|
|
CVE Reference: CVE-2007-1268 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1268 |
|
|
Description: Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|
|
CVE Status: Candidate |
|
|
References: ST 1017727 SREASON http://securityreason.com/securityalert/2353 SAID Secunia Advisory: SA24415 MLIST http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html MISC http://www.coresecurity.com/?action=item&id=1687 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/461958/30/7710/threaded http://www.securityfocus.com/archive/1/archive/1/461958/100/0/threaded BID 22778 |
|
| Return to the previous page. |
