KMail GnuPG Arbitrary Content Injection Vulnerability
BID:22759
Info
KMail GnuPG Arbitrary Content Injection Vulnerability
| Bugtraq ID: | 22759 |
| Class: | Design Error |
| CVE: |
CVE-2007-1265 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 05 2007 12:00AM |
| Updated: | Mar 06 2007 06:35PM |
| Credit: | This vulnerability was found by Gerardo Richarte from Core Security Technologies. |
| Vulnerable: |
KDE kmail 1.102 KDE kmail 1.101 KDE kmail 1.100 KDE kmail 1.95 KDE kmail 1.94 KDE kmail 1.93 KDE kmail 1.92 KDE kmail 1.90 KDE kmail 1.89 KDE kmail 1.88 KDE kmail 1.87 KDE kmail 1.86.2 36 KDE kmail 1.9.1 KDE kmail 1.7.1 KDE kmail 1.3.1 KDE kmail 1.2 KDE kmail 1.0.29 .2 KDE kmail 1.0.29 .1 KDE kmail 1.0.29 KDE kmail 1.0.28 KDE kmail 1.0.27 KDE kmail 1.0.26 KDE kmail 1.0.25 KDE kmail 1.0.24 KDE kmail 0.0.29 2 KDE kmail |
| Not Vulnerable: | |
Discussion
KMail GnuPG Arbitrary Content Injection Vulnerability
KMail is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing.
An attacker may be able to exploit this issue to add arbitrary content into a GnuPG signed and/or encrypted message.
This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that KMail uses GnuPG.
This issue affects KMail versions prior to and including 1.9.5.
KMail is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing.
An attacker may be able to exploit this issue to add arbitrary content into a GnuPG signed and/or encrypted message.
This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that KMail uses GnuPG.
This issue affects KMail versions prior to and including 1.9.5.
Exploit / POC
KMail GnuPG Arbitrary Content Injection Vulnerability
The reporter of this issue has supplied multiple proof-of-concept examples demonstrating this issue. Please see the attached advisory for further information.
The reporter of this issue has supplied multiple proof-of-concept examples demonstrating this issue. Please see the attached advisory for further information.
Solution / Fix
KMail GnuPG Arbitrary Content Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
KMail GnuPG Arbitrary Content Injection Vulnerability
References:
References:
- GnuPG Homepage (GnuPG)
- Impacket library (Core Security)
- KMail Home Page (KDE)
- CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability (CORE Security Technologies Advisories