Vulnerabilities > CVE-2007-3635 - Unspecified vulnerability in Squirrelmail GPG Plugin and Squirrelmail

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

squirrelmail

NVD

Published: 2007-07-10

Updated: 2008-11-15

Summary

Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.

Vulnerable Configurations

Part	Description	Count
Application	Squirrelmail Squirrelmail Squirrelmail 1.4.10A Squirrelmail GPG Plugin 2.0	2

Statements

contributor	Mark J Cox
lastmodified	2007-07-10
organization	Red Hat
statement	Not vulnerable. This plugin is not shipped with Squirrelmail in Red Hat Enterprise Linux.

References

http://www.squirrelmail.org/plugin_view.php?id=153
http://www.attrition.org/pipermail/vim/2007-July/001703.html
http://osvdb.org/45789