Vulnerabilities > CVE-2007-1266 - Unspecified vulnerability in Gnome Evolution
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.
Vulnerable Configurations
Exploit-Db
| description | Gnome Evolution 2.x GnuPG Arbitrary Content Injection Vulnerability. CVE-2007-1266. Remote exploit for linux platform |
| id | EDB-ID:29691 |
| last seen | 2016-02-03 |
| modified | 2007-03-05 |
| published | 2007-03-05 |
| reporter | Gerardo Richarte |
| source | https://www.exploit-db.com/download/29691/ |
| title | Gnome Evolution 2.x GnuPG Arbitrary Content Injection Vulnerability |
Nessus
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-432-1.NASL description Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without --status-fd, there is no way to distinguish initial unsigned messages from a following signed message. An attacker could inject an unsigned message, which could fool the user into thinking the message was entirely signed by the original sender. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 28026 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/28026 title Ubuntu 5.10 / 6.06 LTS / 6.10 : gnupg vulnerability (USN-432-1) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2007-059.NASL description GnuPG prior to 1.4.7 and GPGME prior to 1.1.4, when run from the command line, did not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components. This could allow a remote attacker to forge the contents of an email message without detection. GnuPG 1.4.7 is being provided with this update and GPGME has been patched on Mandriva 2007.0 to provide better visual notification on these types of forgeries. last seen 2020-06-01 modified 2020-06-02 plugin id 24809 published 2007-03-12 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24809 title Mandrake Linux Security Advisory : gnupg (MDKSA-2007:059)
References
- http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html
- http://secunia.com/advisories/24412
- http://securityreason.com/securityalert/2353
- http://www.coresecurity.com/?action=item&id=1687
- http://www.securityfocus.com/archive/1/461958/100/0/threaded
- http://www.securityfocus.com/archive/1/461958/30/7710/threaded
- http://www.securityfocus.com/bid/22760
- http://www.securitytracker.com/id?1017727
- http://www.vupen.com/english/advisories/2007/0835