CVE-2008-7272

Опубликовано: 08 нояб. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key.

Ссылки

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386
Issue Tracking
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2008-7272
Third Party Advisory
https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect
Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386
Issue Tracking
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2008-7272
Third Party Advisory
https://vulners.com/securityvulns/SECURITYVULNS:DOC:20757?utm_source=securityvulns&utm_medium=redirect
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:getfiregpg:firegpg:*:*:*:*:*:firefox:*:*

Версия до 0.6 (исключая)

EPSS

Процентиль: 44%

0.00218

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-312

Связанные уязвимости

CVE-2008-7272

CVSS3: 7.5

debian

около 6 лет назад

FireGPG before 0.6 handle user\u2019s passphrase and decrypted clearte ...

GHSA-3w4p-hjjh-fjwg

github

почти 4 года назад

FireGPG before 0.6 handle user?s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users?s private key.