PT-2002-2419 · Pgp+1 · Pgp+1
Published
2002-12-31
·
Updated
2024-02-13
·
CVE-2002-1696
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Microsoft Outlook plug-in PGP versions 7.0, 7.0.3, and 7.0.4
Description
The issue arises when the "Automatically decrypt/verify when opening messages" option is checked and the "Always use Secure Viewer when decrypting" option is not checked. In this scenario, if a user replies to an encrypted message, a decrypted copy of the message is silently saved to the hard disk.
Recommendations
For Microsoft Outlook plug-in PGP version 7.0, check the "Always use Secure Viewer when decrypting" option to prevent silent saving of decrypted messages.
For Microsoft Outlook plug-in PGP version 7.0.3, check the "Always use Secure Viewer when decrypting" option to prevent silent saving of decrypted messages.
For Microsoft Outlook plug-in PGP version 7.0.4, check the "Always use Secure Viewer when decrypting" option to prevent silent saving of decrypted messages.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Outlook
Pgp