Title: Remote PGP Outlook Encryption Plug-in Vulnerability
A vulnerability in the NAI PGP Outlook plug-in can be exploited to remotely execute code on any system that uses the NAI PGP Outlook plug-ins. By sending a carefully crafted email, the message decoding functionality can be manipulated to overwrite various heap structures pertinent to the PGP plug-in.
This vulnerability can be exploited by the Outlook user simply selecting a "malicious" email, the opening of an attachment is not required. When the attack is performed against a target system, malicious code will be executed within the context of the user receiving the email. This can lead to the compromise of the target's machine, as well as their PGP encrypted communications. Also, it should be noted that because of the nature of the SMTP protocol this vulnerability can be exploited anonymously.
Network Associates released a hotfix for this problem:
Size: 90 kb
Platform: Windows 95, 98, ME, NT, 2000, XP
Release note:The PGP plug-in for Microsoft Exchange/Outlook can experience a buffer overflow when processing e-mail. This vulnerability makes it theoretically possible for a third party to run malicious code on the affected system. (Note: This issue does not affect PGP Corporate Desktop users.) This hotfix fixes the buffer overflow problem, and removes the potential vulnerability.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.