CVE-2002-1696 — MEDIUM severity vulnerability (Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4)
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message.
| CVE ID | CVE-2002-1696 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.5 |
| CVSS vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| CWE | CWE-312 |
| Status | Modified |
| Published | 2002-12-31 |
| Last modified | 2026-04-16 |
| Description | Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →