PT-2002-1710 · Nai · Pgp Outlook Encryption Plug-In+3

Published

2002-07-23

Updated

2016-10-18

CVE-2002-0685

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions NAI PGP Desktop Security versions 7.0.4 Personal Security versions 7.0.3 Freeware versions 7.0.3

Description A heap-based buffer overflow issue exists in the message decoding functionality for PGP Outlook Encryption Plug-In. This allows remote attackers to modify the heap and gain privileges via a large, malformed mail message.

Recommendations For NAI PGP Desktop Security version 7.0.4, update to a version that fixes the heap-based buffer overflow issue in the message decoding functionality. For Personal Security version 7.0.3, update to a version that fixes the heap-based buffer overflow issue in the message decoding functionality. For Freeware version 7.0.3, update to a version that fixes the heap-based buffer overflow issue in the message decoding functionality.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0685

Affected Products

Freeware

Nai Pgp Desktop Security

Pgp Outlook Encryption Plug-In

Personal Security

PT-2002-1710 · Nai · Pgp Outlook Encryption Plug-In+3

CVE-2002-0685

Related Identifiers

Affected Products

References · 8