Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-74uy-aghm-bkhd |
|---|
| Summary | Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|---|
| Aliases |
|
|---|
| Fixed_packages |
|
|---|
| Affected_packages |
| 0 |
| url |
pkg:deb/debian/enigmail@2:0.91-4sarge2 |
| purl |
pkg:deb/debian/enigmail@2:0.91-4sarge2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1t5g-b5jt-8yft |
|
| 1 |
| vulnerability |
VCID-74uy-aghm-bkhd |
|
| 2 |
| vulnerability |
VCID-7535-appn-5fhm |
|
| 3 |
| vulnerability |
VCID-9cm4-mu3q-2yey |
|
| 4 |
| vulnerability |
VCID-bz74-1y1q-8qfc |
|
| 5 |
| vulnerability |
VCID-c5zg-brhd-4ygg |
|
| 6 |
| vulnerability |
VCID-f212-18j2-rych |
|
| 7 |
| vulnerability |
VCID-g4s8-7k7n-c3an |
|
| 8 |
| vulnerability |
VCID-gqrn-ek3y-hbg1 |
|
| 9 |
| vulnerability |
VCID-mmdw-63mg-2uhm |
|
| 10 |
| vulnerability |
VCID-sg6f-tksc-d3f5 |
|
| 11 |
| vulnerability |
VCID-tqpx-hedp-dfcb |
|
| 12 |
| vulnerability |
VCID-ux6a-2384-suf9 |
|
| 13 |
| vulnerability |
VCID-x8dz-d9af-fyg2 |
|
| 14 |
| vulnerability |
VCID-xbab-79ux-t3bn |
|
| 15 |
| vulnerability |
VCID-yh48-k15t-gqcu |
|
| 16 |
| vulnerability |
VCID-zm59-us92-2bh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:0.91-4sarge2 |
|
| 1 |
| url |
pkg:deb/debian/enigmail@2:0.94.2-1 |
| purl |
pkg:deb/debian/enigmail@2:0.94.2-1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1t5g-b5jt-8yft |
|
| 1 |
| vulnerability |
VCID-74uy-aghm-bkhd |
|
| 2 |
| vulnerability |
VCID-7535-appn-5fhm |
|
| 3 |
| vulnerability |
VCID-9cm4-mu3q-2yey |
|
| 4 |
| vulnerability |
VCID-bz74-1y1q-8qfc |
|
| 5 |
| vulnerability |
VCID-c5zg-brhd-4ygg |
|
| 6 |
| vulnerability |
VCID-f212-18j2-rych |
|
| 7 |
| vulnerability |
VCID-g4s8-7k7n-c3an |
|
| 8 |
| vulnerability |
VCID-gqrn-ek3y-hbg1 |
|
| 9 |
| vulnerability |
VCID-mmdw-63mg-2uhm |
|
| 10 |
| vulnerability |
VCID-tqpx-hedp-dfcb |
|
| 11 |
| vulnerability |
VCID-ux6a-2384-suf9 |
|
| 12 |
| vulnerability |
VCID-x8dz-d9af-fyg2 |
|
| 13 |
| vulnerability |
VCID-xbab-79ux-t3bn |
|
| 14 |
| vulnerability |
VCID-zm59-us92-2bh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:0.94.2-1 |
|
| 2 |
| url |
pkg:deb/debian/enigmail@2:0.94.2-2 |
| purl |
pkg:deb/debian/enigmail@2:0.94.2-2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1t5g-b5jt-8yft |
|
| 1 |
| vulnerability |
VCID-74uy-aghm-bkhd |
|
| 2 |
| vulnerability |
VCID-7535-appn-5fhm |
|
| 3 |
| vulnerability |
VCID-9cm4-mu3q-2yey |
|
| 4 |
| vulnerability |
VCID-bz74-1y1q-8qfc |
|
| 5 |
| vulnerability |
VCID-c5zg-brhd-4ygg |
|
| 6 |
| vulnerability |
VCID-f212-18j2-rych |
|
| 7 |
| vulnerability |
VCID-g4s8-7k7n-c3an |
|
| 8 |
| vulnerability |
VCID-gqrn-ek3y-hbg1 |
|
| 9 |
| vulnerability |
VCID-mmdw-63mg-2uhm |
|
| 10 |
| vulnerability |
VCID-tqpx-hedp-dfcb |
|
| 11 |
| vulnerability |
VCID-ux6a-2384-suf9 |
|
| 12 |
| vulnerability |
VCID-x8dz-d9af-fyg2 |
|
| 13 |
| vulnerability |
VCID-xbab-79ux-t3bn |
|
| 14 |
| vulnerability |
VCID-zm59-us92-2bh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:0.94.2-2 |
|
|
|---|
| References |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1264 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.9391 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93843 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93852 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93862 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93864 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93873 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93877 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93882 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93881 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93903 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.12359 |
| scoring_system |
epss |
| scoring_elements |
0.93909 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1264 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
|---|
| Weaknesses |
|
|---|
| Exploits |
| 0 |
| date_added |
2007-03-05 |
| description |
KMail 1.x - GnuPG Arbitrary Content Injection |
| required_action |
null |
| due_date |
null |
| notes |
null |
| known_ransomware_campaign_use |
true |
| source_date_published |
2007-03-05 |
| exploit_type |
remote |
| platform |
linux |
| source_date_updated |
2013-11-19 |
| data_source |
Exploit-DB |
| source_url |
https://www.securityfocus.com/bid/22759/info |
|
|
|---|
| Severity_range_score | 5.0 - 5.0 |
|---|
| Exploitability | 2.0 |
|---|
| Weighted_severity | 4.5 |
|---|
| Risk_score | 9.0 |
|---|
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-74uy-aghm-bkhd |
|---|