CVE-2002-1696
5.5
CVSS Score
Medium
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Link copied!
Description
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message.
CVSS Vector Details
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected Software Configurations
- a pgp personal_privacy 7.0 * * * * * * *
- a pgp personal_privacy 7.0.3 * * * * * * *
- a pgp personal_privacy 7.0.4 * * * * * * *
- a microsoft outlook 98 * * * * * * *
Weaknesses (CWE)
- CWE-312
References & External Links
- http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528
- http://www.securityfocus.com/bid/3825
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7900
- http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528
- http://www.securityfocus.com/bid/3825
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7900
External Resources
CVE History Timeline
Jul 01, 2005 16:53
Initial Analysis
Jul 11, 2017 01:29
CVE Modified
Feb 13, 2024 16:20
Modified Analysis
May 14, 2024 01:22
CVE Modified
Nov 20, 2024 23:41
CVE Modified