5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.3%
Werner Koch reports:
In the aftermath of the false positive signature
verfication bug (announced 2006-02-15) more thorough testing
of the fix has been done and another vulnerability has been
detected. This new problem affects the use of gpg for
verification of signatures which are not detached
signatures. The problem also affects verification of
signatures embedded in encrypted messages; i.e. standard use
of gpg for mails.