6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
87.9%
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
CPE | Name | Operator | Version |
---|---|---|---|
gnu:privacy_guard | gnu privacy guard | eq | 7.2 |
gnu:privacy_guard | gnu privacy guard | eq | 8.0 |
gnu:privacy_guard | gnu privacy guard | eq | 7.1 |
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000399
download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-023-01
online.securityfocus.com/archive/1/188218
www.calderasystems.com/support/security/advisories/CSSA-2001-020.0.txt
www.debian.org/security/2001/dsa-061
www.gnupg.org/whatsnew.html#rn20010529
www.kb.cert.org/vuls/id/403051
www.linux-mandrake.com/en/security/2001/MDKSA-2001-053.php3
www.novell.com/linux/security/advisories/2001_020_gpg_txt.html
www.osvdb.org/1845
www.redhat.com/support/errata/RHSA-2001-073.html
www.securityfocus.com/bid/2797
www.turbolinux.com/pipermail/tl-security-announce/2001-June/000439.html
exchange.xforce.ibmcloud.com/vulnerabilities/6642