Lucene search

MitreCVE-2002-1977

HistoryJun 28, 2005 - 4:00 a.m.

CVE-2002-1977

2005-06-2804:00:00

mitre

web.nvd.nist.gov

network associates

pgp 7.0.4

pgp 7.1

passphrase cache

encryption

vulnerability

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

25.6%

JSON

Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the “Passphrase Cache” option, which could allow attackers to open encrypted files without providing a passphrase.

Affected configurations

Nvd

Node

pgppgpMatch7.0.4

pgppgpMatch7.1

VendorProductVersionCPE
pgppgp7.0.4cpe:2.3:a:pgp:pgp:7.0.4:*:*:*:*:*:*:*
pgppgp7.1cpe:2.3:a:pgp:pgp:7.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pgp	pgp	7.0.4	cpe:2.3:a:pgp:pgp:7.0.4:::::::*
pgp	pgp	7.1	cpe:2.3:a:pgp:pgp:7.1:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-07/0313.html

archives.neohapsis.com/archives/bugtraq/2002-07/0322.html

www.iss.net/security_center/static/9690.php

www.securityfocus.com/bid/5318

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

25.6%

JSON

Related for CVE-2002-1977