CVE-2007-3779

PHP local file inclusion vulnerability in gpg_pop_init.php in the G/PGP (GPG) Plugin before 20070707 for Squirrelmail allows remote attackers to include and execute arbitrary local files, related to the MOD parameter.

Published: Jul 16, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-3779
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
squirrelmail / gpg_plugin	2.1	2.1.x

http://osvdb.org/37930
http://www.attrition.org/pipermail/vim/2007-July/001703.html
http://www.braverock.com/gpg/cvs/viewcvs.cgi/gpg/gpg_pop_init.php.diff?r1=1.14&r2=1.15
http://www.braverock.com/gpg/statcvs/commit_log.html

Vulnerability Database

289,784

CVE-2007-3779