National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:pgp:pgp:7.0.3
There are 3 matching records.
Vuln ID Summary CVSS Severity
CVE-2002-1696

Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2002-2069

PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0265

ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 2.1 LOW