CVE-2007-1268
EPSS 1.5%Published: 3/6/2007Modified: 4/28/2026
Description
Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.
Affected packages (1)
- Debian/muttfrom 0