Vulnerability Details CVE-2002-1696
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.5%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528
- http://www.securityfocus.com/bid/3825
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7900
- http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528
- http://www.securityfocus.com/bid/3825
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7900
Products affected by CVE-2002-1696
-
cpe:2.3:a:microsoft:outlook:98
-
cpe:2.3:a:pgp:personal_privacy:7.0
-
cpe:2.3:a:pgp:personal_privacy:7.0.3
-
cpe:2.3:a:pgp:personal_privacy:7.0.4