CVE-2007-1265

Name of the Vulnerable Software and Affected Versions KMail versions 1.9.5 and earlier

Description The issue prevents KMail from properly distinguishing between signed and unsigned portions of OpenPGP messages with multiple components. This allows remote attackers to forge the contents of a message without detection, as KMail does not correctly utilize the --status-fd argument when invoking GnuPG.

Recommendations For versions 1.9.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.