Reported April 9, 2001, by @stake.
VERSION AFFECTED
-
Pretty Good Privacy 5.0 to 7.0.3 for Windows 2000, Windows NT, Windows Millennium (Me), and Windows 9x
DESCRIPTION
Using Pretty Good Privacy (PGP) versions 5.0 to 7.0.3 of Windows 2000, Windows NT, Windows Millennium (Me),and Windows 9x, a malicious attacker can wrap a specially formed ASCII armored file around a file with arbitrary name and contents. After parsing the armored file by using PGP, the attacker can extract the binary file. Because of the way that Windows OSs load the .dll files, if the extracted file is a .dll file, the intruder can trick several applications into loading the .dll files and executing potentially malicious code. Users can obtain a more detailed advisory from the @stake Web site.
VENDOR RESPONSE
The vendor, Network Associates, Inc. (NAI), has released several patches to correct this vulnerability:
PGP Desktop Security 7.0.4 Hotfix 1
CREDIT
Discovered by Chris Anley of @stake.
