CVE-2002-1696
Title: PGP Outlook plug-in saves decrypted copies to hard disk
Information disclosure
Proof Of Concept
No public PoC currently indexed for CVE-2002-1696.
CWE Category
CWE-312
Published Date
Dec 31, 2002
Modified Date
Apr 03, 2025
Exploit Status
Not Found
Score
5.5
CVSS v3.1
Exploit Probability (EPSS)
0.08%
Vulnerability Summary
CVE-2002-1696: Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message.
Impacted Vendors
Reference Links
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528
http://www.securityfocus.com/bid/3825
https://exchange.xforce.ibmcloud.com/vulnerabilities/7900
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528
http://www.securityfocus.com/bid/3825
https://exchange.xforce.ibmcloud.com/vulnerabilities/7900
CVSS v3.1
Source Entity
[email protected]
Severity
MEDIUM
5.5
Attack Vector
LOCAL
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS v2.0
Source Entity
[email protected]
Severity
LOW
2.1
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:L/AC:L/Au:N/C:P/I:N/A:N
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2002-1696 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
LOCAL
Complexity
LOW
Privileges
N/A
Interaction
NONE
CVSS Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Stack
No specific products linked.