CVE-2010-3397

all versions

Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, 9.10.x, 10.0.0 Build 2732, and probably other versions allows

CVE-2009-0681

<= 9.9.0

PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, an

CVE-2008-5731

all versions

The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP Desktop 9.0.6 build 6060 and 9.9.0 build 397 allows local users

CVE-2007-0603

all versions

PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2)

CVE-2005-4151

<= 9.0.3_build_2932

The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slac

CVE-2002-2069

>= 6.0.2 and <= 6.5.8

PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attack

7.5HIGH

CVE-2002-1977

all versions

Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could al

CVE-2002-1696

all versions

Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automa

5.5MEDIUM

CVE-2002-0850

all versions

Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers to execute arbitrary code via an encrypted document that ha

CVE-2002-0788

all versions

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a

5.5MEDIUM

CVE-2002-0685

all versions

Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Se

CVE-2001-1252

all versions

Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface

CVE-2001-1016

all versions

PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Business Server before 7.1 does not

CVE-2001-1320

all versions

Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary c

CVE-2001-0435

all versions

The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphr

CVE-2001-0265

<= 7.0.3

ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII

CVE-2000-0802

all versions

The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obt

CVE-2000-0678

all versions

PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public

CVE-2000-0543

all versions

The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname

CVE-2000-0445

all versions

The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, whi