Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0788 | 1 Pgp | 3 Corporate Desktop, Freeware, Personal Security | 2024-11-20 | 2.1 LOW | 5.5 MEDIUM |
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information. | |||||
CVE-2002-0685 | 1 Pgp | 3 Desktop Security, Freeware, Personal Security | 2024-11-20 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message. | |||||
CVE-2001-1016 | 1 Pgp | 5 Corporate Desktop, E-business Server, Freeware and 2 more | 2024-11-20 | 7.5 HIGH | N/A |
PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Business Server before 7.1 does not properly display when invalid userID's are used to sign a message, which could allow an attacker to make the user believe that the document has been signed by a trusted third party by adding a second, invalid user ID to a key which has already been signed by the third party, aka the "PGPsdk Key Validity Vulnerability." |