S
Stomper1
Guest
A malicious e-mail can create a buffer overrun in Network Associates' PGP plugin for MS Outlook on Windows, which in turn can be used to run arbitrary code with the user's level of privilege. At a minimum this could compromise the user's passphrase and expose his encrypted messages, and at a maximum surrender control of the machine. Attachments do not need to be activated; merely selecting the malicious message is sufficient.
http://theregister.co.uk/content/4/26145.html
If you use this plugin, get the patch here:
http://www.nai.com/naicommon/download/upgrade/patches/patch-pgphotfix.asp
http://theregister.co.uk/content/4/26145.html
If you use this plugin, get the patch here:
http://www.nai.com/naicommon/download/upgrade/patches/patch-pgphotfix.asp