Vulnerabilities > CVE-2001-1016 - Unspecified vulnerability in PGP products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

pgp

NVD

Published: 2001-09-04

Updated: 2017-10-10

Summary

PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Business Server before 7.1 does not properly display when invalid userID's are used to sign a message, which could allow an attacker to make the user believe that the document has been signed by a trusted third party by adding a second, invalid user ID to a key which has already been signed by the third party, aka the "PGPsdk Key Validity Vulnerability."

Vulnerable Configurations

Part	Description	Count
Application	Pgp PGP Freeware 7.0.3 PGP E Business Server 6.5.8 PGP E Business Server 7.1 PGP E Business Server 7.0.4 PGP Corporate Desktop 7.1 PGP PGP 6.0.2 PGP PGP 5.0 PGP Personal Security 7.0.3	8

Summary

Vulnerable Configurations

References