GNU GNU Privacy Guard 1.2.3

CPE Details

GNU GNU Privacy Guard 1.2.3
gnu
privacy_guard
1.2.3
2007-08-23
19h16 +00:00
2008-04-01
13h03 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:privacy_guard:1.2.3:*:*:*:*:*:*:*

Informations

Vendor

gnu

Product

privacy_guard

Version

1.2.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2006-0049 2006-03-13 20h00 +00:00 gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.
5
CVE-2006-0455 2006-02-15 21h00 +00:00 gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
4.6
CVE-2003-0978 2003-12-10 04h00 +00:00 Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.
7.5
CVE-2003-0971 2003-12-02 04h00 +00:00 GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
5