CVE-2002-0685

Name of the Vulnerable Software and Affected Versions NAI PGP Desktop Security versions 7.0.4 Personal Security versions 7.0.3 Freeware versions 7.0.3

Description A heap-based buffer overflow issue exists in the message decoding functionality for PGP Outlook Encryption Plug-In. This allows remote attackers to modify the heap and gain privileges via a large, malformed mail message.

Recommendations For NAI PGP Desktop Security version 7.0.4, update to a version that fixes the heap-based buffer overflow issue in the message decoding functionality. For Personal Security version 7.0.3, update to a version that fixes the heap-based buffer overflow issue in the message decoding functionality. For Freeware version 7.0.3, update to a version that fixes the heap-based buffer overflow issue in the message decoding functionality.