VDB

CVE-2007-0603

CVE-2007-0603 PUBLISHED CVSS 7.099999904632568 HIGH

PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address.

EPSS 12.18% · 94.0th percentile

Risk Scores

CVSS 2.0
7.099999904632568
EPSS Score
12.18%
94.0th percentile

Affected Products

VendorProductVersions
pgpcorporate_desktop9.5
n/an/an/a

Timeline

  • Jan 30, 2007 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score
  • Oct 30, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›