CVE-2001-1016 in PGPinfo

Zusammenfassung

von MITRE

PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Business Server before 7.1 does not properly display when invalid userID s are used to sign a message, which could allow an attacker to make the user believe that the document has been signed by a trusted third party by adding a second, invalid user ID to a key which has already been signed by the third party, aka the "PGPsdk Key Validity Vulnerability."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Veröffentlichung

04.09.2001

Moderieren

akzeptiert

Eintrag

VDB-17317

CPE

bereit

CWE

CWE-290 (bestätigt)

CVSS

7.3 (VulDB)

EPSS

0.00539

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2001-1016
NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-1016
CVE Details	https://www.cvedetails.com/cve/CVE-2001-1016/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!