Sylpheed GnuPG Arbitrary Content Injection Vulnerability
BID:22777
Info
Sylpheed GnuPG Arbitrary Content Injection Vulnerability
| Bugtraq ID: | 22777 |
| Class: | Design Error |
| CVE: |
CVE-2007-1267 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 05 2007 12:00AM |
| Updated: | Mar 06 2007 06:45PM |
| Credit: | This vulnerability was found by Gerardo Richarte from Core Security Technologies. |
| Vulnerable: |
Sylpheed Sylpheed 2.2.7 Sylpheed Sylpheed 2.0.4 Sylpheed Sylpheed 2.0.3 Sylpheed Sylpheed 2.0.2 Sylpheed Sylpheed 2.0.1 Sylpheed Sylpheed 2.0 Sylpheed Sylpheed 1.9.5 Sylpheed Sylpheed 1.9.4 Sylpheed Sylpheed 1.9.3 Sylpheed Sylpheed 1.9.2 Sylpheed Sylpheed 1.9.1 Sylpheed Sylpheed 1.9 Sylpheed Sylpheed 1.0.6 Sylpheed Sylpheed 1.0.5 Sylpheed Sylpheed 1.0.4 Sylpheed Sylpheed 1.0.3 Sylpheed Sylpheed 1.0.2 Sylpheed Sylpheed 1.0.1 Sylpheed Sylpheed 1.0 .0 Sylpheed Sylpheed 0.9.99 Sylpheed Sylpheed 0.9.12 Sylpheed Sylpheed 0.9.11 Sylpheed Sylpheed 0.9.10 Sylpheed Sylpheed 0.9.9 Sylpheed Sylpheed 0.9.8 Sylpheed Sylpheed 0.9.7 Sylpheed Sylpheed 0.9.6 Sylpheed Sylpheed 0.9.5 Sylpheed Sylpheed 0.9.4 Sylpheed Sylpheed 0.8.11 Sylpheed Sylpheed 0.8 Sylpheed Sylpheed 0.7.4 |
| Not Vulnerable: | |
Discussion
Sylpheed GnuPG Arbitrary Content Injection Vulnerability
Sylpheed is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing.
An attacker may be able to exploit this issue to add arbitrary content into a GnuPG signed and/or encrypted message.
This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that Sylpheed uses GnuPG.
This issue affects Sylpheed versions prior to and including 2.2.7.
Sylpheed is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing.
An attacker may be able to exploit this issue to add arbitrary content into a GnuPG signed and/or encrypted message.
This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that Sylpheed uses GnuPG.
This issue affects Sylpheed versions prior to and including 2.2.7.
Exploit / POC
Sylpheed GnuPG Arbitrary Content Injection Vulnerability
The reporter of this issue has supplied multiple proof-of-concept examples demonstrating this issue. Please see the attached advisory for further information.
The reporter of this issue has supplied multiple proof-of-concept examples demonstrating this issue. Please see the attached advisory for further information.
Solution / Fix
Sylpheed GnuPG Arbitrary Content Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Sylpheed GnuPG Arbitrary Content Injection Vulnerability
References:
References:
- GnuPG Homepage (GnuPG)
- Impacket library (Core Security)
- Sylpheed Home Page (Sylpheed)
- CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability (CORE Security Technologies Advisories