7.1

CVE-2007-0603

EPSS 12.18%
Veröffentlicht 30.01.2007 18:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Pgp ≫ Corporate Desktop Version9.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	12.18%	0.936

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	3.9	10	AV:N/AC:H/Au:S/C:C/I:C/A:C

http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0025.html

http://osvdb.org/32969

http://osvdb.org/32970

http://secunia.com/advisories/23938

Vendor Advisory

http://securityreason.com/securityalert/2203

http://securitytracker.com/id?1017563

http://www.kb.cert.org/vuls/id/102465

US Government Resource

http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-pgp-desktop/

Vendor Advisory

http://www.securityfocus.com/archive/1/458137/100/0/threaded

http://www.securityfocus.com/bid/22247

http://www.vupen.com/english/advisories/2007/0356

https://nvd.nist.gov/vuln/detail/CVE-2007-0603

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0603

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0603

EUVD