CVE-2007-3779
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
PHP local file inclusion vulnerability in gpg_pop_init.php in the G/PGP (GPG) Plugin before 20070707 for Squirrelmail allows remote attackers to include and execute arbitrary local files, related to the MOD parameter.
Vulnerabilidad de inclusión remota de archivo en PHP en el gpg_pop_init.php en la extensión G/PGP (GPG) anterior al 20070707 para el Squirrelmail permite a atacantes remotos incluir y ejecutar ficheros locales de su elección, relacionado con el parámetro MOD.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-07-15 CVE Reserved
- 2007-07-15 CVE Published
- 2024-05-18 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/37930 | Vdb Entry | |
| http://www.braverock.com/gpg/cvs/viewcvs.cgi/gpg/gpg_pop_init.php.diff?r1=1.14&r2=1.15 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.attrition.org/pipermail/vim/2007-July/001703.html | 2012-10-31 | |
| http://www.braverock.com/gpg/statcvs/commit_log.html | 2012-10-31 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Squirrelmail Search vendor "Squirrelmail" | Gpg Plugin Search vendor "Squirrelmail" for product "Gpg Plugin" | 2.1 Search vendor "Squirrelmail" for product "Gpg Plugin" and version "2.1" | - |
Affected
| ||||||