Vulnerability Report

CVE-2001-0265

Title: PGP ASCII Armor parser allows arbitrary file creation

Arbitrary file creation

Proof Of Concept

PoC Available for CVE-2001-0265

CWE Category NVD-CWE-noinfo

Published Date Jun 18, 2001

Modified Date Apr 03, 2025

Exploit Status Available

Score 2.1 CVSS v2.0

Exploit Probability (EPSS)

0.94%

Vulnerability Summary

CVE-2001-0265: ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file.

Impacted Vendors

pgp 1

Reference Links

http://www.atstake.com/research/advisories/2001/a040901-1.txt http://www.osvdb.org/1782 http://www.securityfocus.com/bid/2556 https://exchange.xforce.ibmcloud.com/vulnerabilities/6643 http://www.atstake.com/research/advisories/2001/a040901-1.txt http://www.osvdb.org/1782 http://www.securityfocus.com/bid/2556 https://exchange.xforce.ibmcloud.com/vulnerabilities/6643

CVSS v2.0

Source Entity [email protected]

Severity LOW

2.1

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:L/AC:L/Au:N/C:N/I:P/A:N

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2001-0265 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/20738

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

June 18, 2001 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:L/AC:L/Au:N/C:N/I:P/A:N

Affected Stack

No specific products linked.