CVE-2007-3201

Windows Privacy Tray 1.2.0 - User-Assisted RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3201. PoCs published by nnposter.

AI-analyzed exploit summary The provided text describes a key-spoofing vulnerability in WinPT (Windows Privacy Tray) where the software fails to properly display user-supplied key data, allowing an attacker to trick users into encrypting sensitive information with a malicious key. The example demonstrates how an attacker's key can be disguised to appear legitimate.

Description

Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 allows user-assisted remote attackers to install a key listed under the wrong user ID, and possibly cause the user to encrypt a victim's correspondence with this attacker-supplied key, via a key ID composed of the attacker's user ID, space characters, an invalid WinPT message, additional space characters, and the victim's user ID.

Exploits (1)

exploitdb WRITEUP VERIFIED

by nnposter · textremotewindows

https://www.exploit-db.com/exploits/30169

View Code ZIP pw:eip

The provided text describes a key-spoofing vulnerability in WinPT (Windows Privacy Tray) where the software fails to properly display user-supplied key data, allowing an attacker to trick users into encrypting sensitive information with a malicious key. The example demonstrates how an attacker's key can be disguised to appear legitimate.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: WinPT 1.2.0

No auth needed

Prerequisites: Victim must use WinPT to encrypt data · Attacker must craft a spoofed key

MITRE ATT&CK