PT-2007-5017 · Squirrelmail · G/Pgp Plugin
Published: 2007-07-15 · Updated: 2012-10-31
CVE-2007-3779
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
G/PGP (GPG) Plugin versions prior to 20070707 for Squirrelmail
Description
The issue allows remote attackers to include and execute arbitrary local files, related to the MOD parameter. This can be exploited by sending a request to a vulnerable API endpoint, although the specific endpoint is not mentioned. The estimated number of potentially affected devices worldwide is not available.
Recommendations
For G/PGP (GPG) Plugin versions prior to 20070707, update to version 20070707 or later to resolve the issue. As a temporary workaround, consider restricting access to the gpg_pop_init.php file to minimize the risk of exploitation. Avoid using the MOD parameter in affected configurations until the issue is resolved.
Fix
Related identifiers
Affected products
G/Pgp Plugin