Vulnerabilities > CVE-2007-3201 - Unspecified vulnerability in Winpt 1.2.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN winpt
exploit available
Summary
Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 allows user-assisted remote attackers to install a key listed under the wrong user ID, and possibly cause the user to encrypt a victim's correspondence with this attacker-supplied key, via a key ID composed of the attacker's user ID, space characters, an invalid WinPT message, additional space characters, and the victim's user ID.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | WindowsPT 1.2 User ID Key Spoofing Vulnerability. CVE-2007-3201. Remote exploit for windows platform |
| id | EDB-ID:30169 |
| last seen | 2016-02-03 |
| modified | 2007-06-11 |
| published | 2007-06-11 |
| reporter | nnposter |
| source | https://www.exploit-db.com/download/30169/ |
| title | WindowsPT 1.2 User ID Key Spoofing Vulnerability |
References
- http://osvdb.org/41727
- http://osvdb.org/41727
- http://securityreason.com/securityalert/2791
- http://securityreason.com/securityalert/2791
- http://wald.intevation.org/tracker/index.php?func=detail&aid=327&group_id=14&atid=138
- http://wald.intevation.org/tracker/index.php?func=detail&aid=327&group_id=14&atid=138
- http://www.securityfocus.com/archive/1/471045/100/0/threaded
- http://www.securityfocus.com/archive/1/471045/100/0/threaded
- http://www.securityfocus.com/bid/24412
- http://www.securityfocus.com/bid/24412
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34813
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34813