CVE-2007-1264

Enigmail < 0.94.2 - Message Forgery via GnuPG Status-FD Mismanagement

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1264. PoCs published by Gerardo Richarte.

AI-analyzed exploit summary This exploit leverages a weakness in KMail's handling of GnuPG signed messages to inject arbitrary content. It manipulates the PGP packet structure to insert content without invalidating the signature.

Description

Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gerardo Richarte · pythonremotelinux

https://www.exploit-db.com/exploits/29690

View Code ZIP pw:eip

This exploit leverages a weakness in KMail's handling of GnuPG signed messages to inject arbitrary content. It manipulates the PGP packet structure to insert content without invalidating the signature.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: KMail versions prior to and including 1.9.5

No auth needed

Prerequisites: A GnuPG signed message file as input

MITRE ATT&CK