CVE-2007-1266

Evolution < 2.8.1 - OpenPGP Message Forgery via GnuPG Status-FD Mismanagement

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1266. PoCs published by Gerardo Richarte.

AI-analyzed exploit summary This exploit demonstrates a vulnerability in Evolution and KMail where arbitrary content can be injected into a GnuPG signed/encrypted message. It manipulates the PGP packet structure to insert content without invalidating the signature.

Description

Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gerardo Richarte · pythonremotelinux

https://www.exploit-db.com/exploits/29691

View Code ZIP pw:eip

This exploit demonstrates a vulnerability in Evolution and KMail where arbitrary content can be injected into a GnuPG signed/encrypted message. It manipulates the PGP packet structure to insert content without invalidating the signature.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Evolution, KMail <= 2.8.1

No auth needed

Prerequisites: A valid GnuPG signed message to modify

MITRE ATT&CK