Vulnerabilities > CVE-2007-3201 - Unspecified vulnerability in Winpt 1.2.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
COMPLETE Availability impact
NONE Summary
Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 allows user-assisted remote attackers to install a key listed under the wrong user ID, and possibly cause the user to encrypt a victim's correspondence with this attacker-supplied key, via a key ID composed of the attacker's user ID, space characters, an invalid WinPT message, additional space characters, and the victim's user ID.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | WindowsPT 1.2 User ID Key Spoofing Vulnerability. CVE-2007-3201. Remote exploit for windows platform |
| id | EDB-ID:30169 |
| last seen | 2016-02-03 |
| modified | 2007-06-11 |
| published | 2007-06-11 |
| reporter | nnposter |
| source | https://www.exploit-db.com/download/30169/ |
| title | WindowsPT 1.2 User ID Key Spoofing Vulnerability |
References
- http://osvdb.org/41727
- http://securityreason.com/securityalert/2791
- http://wald.intevation.org/tracker/index.php?func=detail&aid=327&group_id=14&atid=138
- http://www.securityfocus.com/archive/1/471045/100/0/threaded
- http://www.securityfocus.com/bid/24412
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34813