CVE-2014-7287

The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:encryption_management_server:*:mp6:*:*:*:*:*:*
cpe:2.3:a:symantec:pgp_universal_server:*:mp6:*:*:*:*:*:*

Information

Published : 2015-01-31 18:59

Updated : 2017-09-07 18:29


NVD link : CVE-2014-7287

Mitre link : CVE-2014-7287


JSON object : View

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

dedicated server usa

Products Affected

symantec

  • pgp_universal_server
  • encryption_management_server