|
|
CVE Reference: CVE-2007-3778 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3778 |
|
|
Description: The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.php. NOTE: a parameter value can be set in the contents of an e-mail message. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35363 VIM http://www.attrition.org/pipermail/vim/2007-July/001704.html SAID Secunia Advisory: SA26035 MLIST http://lists.immunitysec.com/pipermail/dailydave/2007-July/004456.html http://lists.immunitysec.com/pipermail/dailydave/2007-July/004452.html IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=330 BID 24874 |
|
| Return to the previous page. |
