- EPSS 18.26%
- Veröffentlicht 06.03.2007 20:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a mes...
CVE-2006-6169
- EPSS 2.65%
- Veröffentlicht 29.11.2006 18:28:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable...
- EPSS 33.25%
- Veröffentlicht 28.07.2006 21:04:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
- EPSS 23.12%
- Veröffentlicht 19.06.2006 18:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to a...
- EPSS 7.68%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are...