PGP : Security Vulnerabilities, CVEs, (Code Execution)
Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, 9.10.x, 10.0.0 Build 2732, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tsp.dll or tvttsp.dll that is located in the same folder as a .p12, .pem, .pgp, .prk, .prvkr, .pubkr, .rnd, or .skr file.
Max CVSS
9.3
EPSS Score
0.48%
Published
2010-09-15
Updated
2018-10-10
PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-04-15
Updated
2018-10-10
Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers to execute arbitrary code via an encrypted document that has a long filename when it is decrypted.
Max CVSS
7.5
EPSS Score
4.84%
Published
2002-10-04
Updated
2017-10-10
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
Max CVSS
7.5
EPSS Score
2.76%
Published
2001-09-04
Updated
2017-07-11
CVE-2001-1320
Public exploit
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
Max CVSS
7.5
EPSS Score
43.71%
Published
2001-07-16
Updated
2017-12-19
5 vulnerabilities found