GNUMail.App GnuPG Arbitrary Content Injection Vulnerability is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing.

An attacker may be able to exploit this issue to add arbitrary content into a GnuPG signed and/or encrypted message.

This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that uses GnuPG.

This issue affects versions prior to and including 1.1.2.


Privacy Statement
Copyright 2010, SecurityFocus