Vulnerabilities

CVE-2007-3778

by Fred · 15/07/2007

The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.php. NOTE: a parameter value can be set in the contents of an e-mail message.

Date published : 2007-07-15

http://www.securityfocus.com/bid/24874

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=330

Similar

Tags: Cybersecurity Alert