PGP ASCII Armor Parser could allow execution of code
pgp-armor-code-execution (6643)
Description:
PGP (Pretty Good Privacy) contains a vulnerability in the ASCII Armor Parser that could allow an attacker to execute arbitrary code on another computer. An attacker could embed a malicious DLL within a specially-crafted ASCII armored file. Once PGP parses the armored file, the malicious DLL is extracted and arbitrary code is executed on the target computer.
Consequences:
Gain Access
Remedy:
For PGP Desktop Security:
Apply the PGP Desktop Security 7.0.4 Hotfix 1 patch, as listed in @stake, Inc. Security Advisory A040901-1. See References.
For PGPfreeware:
Apply the PGPfreeware 7.0.3 Hotfix 1 patch, as listed in @stake, Inc. Security Advisory A040901-1. See References.
References:
- @stake, Inc. Security Advisory A040901-1: Windows PGP (Pretty Good Privacy) ASCII Armor Parser Vulnerability.
- BID-2556: PGP ASCII Armor Parser Arbitrary File Creation Vulnerability
- CVE-2001-0265: ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file.
- OSVDB ID: 1782: PGP ASCII Armor Parser Arbitrary Command Execution
Platforms Affected:
- PGP Personal Privacy 5.0
- PGP Personal Privacy 5.5.3
- PGP Personal Privacy 5.5.5
- PGP Personal Privacy 6.0.2
- PGP Personal Privacy 6.5
- PGP Personal Privacy 6.5.1
- PGP Personal Privacy 6.5.3
- PGP Personal Privacy 6.5.8
- PGP Personal Privacy 7.0
- PGP Personal Privacy 7.0.3
Reported:
Apr 09, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
