Vulnerabilities > CVE-2007-3635 - Local Security vulnerability in Squirrelmail GPG Plugin and Squirrelmail

047910
CVSS 4.3 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
squirrelmail

Summary

Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.

Vulnerable Configurations

Part Description Count
Application
Squirrelmail
2

Statements

contributorMark J Cox
lastmodified2007-07-10
organizationRed Hat
statementNot vulnerable. This plugin is not shipped with Squirrelmail in Red Hat Enterprise Linux.