Back to search
CVE-2007-0603
Published: Jan 30, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1017563
vdb-entry
x_refsource_SECTRACK
20070125 Medium Risk Vulnerability in PGP Desktop
mailing-list
x_refsource_VULNWATCH
2203
third-party-advisory
x_refsource_SREASON
32970
vdb-entry
x_refsource_OSVDB
22247
vdb-entry
x_refsource_BID
20070125 Medium Risk Vulnerability in PGP Desktop
mailing-list
x_refsource_BUGTRAQ
23938
third-party-advisory
x_refsource_SECUNIA
ADV-2007-0356
vdb-entry
x_refsource_VUPEN
32969
vdb-entry
x_refsource_OSVDB
VU#102465
third-party-advisory
x_refsource_CERT-VN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now