header-logo
Suggest Exploit
vendor:
WinPT
by:
SecurityFocus
7.5
CVSS
HIGH
Key-Spoofing
200
CWE
Product Name: WinPT
Affected Version From: 1.2.2000
Affected Version To: 1.2.2000
Patch Exists: NO
Related CWE: N/A
CPE: winpt
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2007

WinPT Key-Spoofing Vulnerability

WinPT (Windows Privacy Tray) is prone to a key-spoofing vulnerability because it fails to properly display user-supplied key data. An attacker can exploit this issue to trick victim users into encrypting potentially sensitive information with a malicious key that appears to be legitimate.

Mitigation:

Users should avoid downloading and installing software from untrusted sources. Additionally, users should be aware of the potential for spoofed keys and should verify the authenticity of any key before using it.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24412/info

WinPT (Windows Privacy Tray) is prone to a key-spoofing vulnerability because it fails to properly display user-supplied key data.

An attacker can exploit this issue to trick victim users into encrypting potentially sensitive information with a malicious key that appears to be legitimate.

WinPT 1.2.0 is vulnerable; other versions may also be affected. 

" <attacker@examle.com>"SSSSMMMMSSSS<victim@example2.com> "mailto:attacker@foo.org

Navigation

Suggest Exploit

Services By CQR