Unrated severityNVD Advisory· Published Jul 23, 2002· Updated Apr 16, 2026

CVE-2002-0685

Description

Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message.

Affected products

PGP Corporation/Desktop Security
cpe:2.3:a:pgp:desktop_security:7.0.4:*:*:*:*:*:*:*
PGP Corporation/Freeware
cpe:2.3:a:pgp:freeware:7.0.3:*:*:*:*:*:*:*
PGP Corporation/Personal Security
cpe:2.3:a:pgp:personal_security:7.0.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.04/hotfix/ReadMe.txtnvdPatchVendor Advisory
www.kb.cert.org/vuls/id/821139nvdUS Government Resource
marc.infonvd
marc.infonvd
www.iss.net/security_center/static/9525.phpnvd
www.osvdb.org/4364nvd
www.securityfocus.com/bid/5202nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000