cbcvebase.
CVE-2007-3635
published 2007-07-10

CVE-2007-3635: Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands…

PriorityP49medium4.3CVSS 2.0
AVLACLAuSCPIPAP
EPSS
0.26%
17.5th percentile
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.

Affected

2 ranges
VendorProductVersion rangeFixed in
squirrelmailgpg_plugin
squirrelmailsquirrelmail

CVSS provenance

nvdv2.04.3MEDIUMAV:L/AC:L/Au:S/C:P/I:P/A:P
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.