Vulnerability Description
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Squirrelmail | Gpg Plugin | 2.0 |
| Squirrelmail | Squirrelmail | 1.4.10a |
References
- http://lists.immunitysec.com/pipermail/dailydave/2007-July/004453.html
- http://osvdb.org/45790
- http://www.attrition.org/pipermail/vim/2007-July/001703.html
- http://www.securityfocus.com/bid/24828
- http://lists.immunitysec.com/pipermail/dailydave/2007-July/004453.html
- http://osvdb.org/45790
- http://www.attrition.org/pipermail/vim/2007-July/001703.html
- http://www.securityfocus.com/bid/24828
FAQ
What is CVE-2007-3636?
CVE-2007-3636 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon ...
How severe is CVE-2007-3636?
CVE-2007-3636 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3636?
Check the references section above for vendor advisories and patch information. Affected products include: Squirrelmail Gpg Plugin, Squirrelmail Squirrelmail.