CVE-2007-3635
published 2007-07-10CVE-2007-3635: Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands…
PriorityP49medium4.3CVSS 2.0
AVLACLAuSCPIPAP
EPSS
0.26%
17.5th percentile
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| squirrelmail | gpg_plugin | — | — |
| squirrelmail | squirrelmail | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:L/AC:L/Au:S/C:P/I:P/A:P
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
CVE-2007-3635: Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2
vendor_redhat·CVSS 9.3
CVE-2007-3635 [CRITICAL] CVE-2007-3635: Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.
Statement: Not vulnerable. This plugin is not shipped with Squirrelmail in Red Hat Enterprise Linux.
GHSA
GHSA-qxqw-pch2-xr57: Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-3635 [CRITICAL] GHSA-qxqw-pch2-xr57: Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2007-07-10
Published