Lucene search

K

[email protected]NVD:CVE-2007-1263

HistoryMar 06, 2007 - 8:19 p.m.

CVE-2007-1263

2007-03-0620:19:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.294 Low

EPSS

Percentile

96.9%

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.

Affected configurations

NVD

Node

gnugpgmeRange≤1.1.3

OR

gnupggnupgRange≤1.4.6

References

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

fedoranews.org/cms/node/2775

fedoranews.org/cms/node/2776

lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html

lists.suse.com/archive/suse-security-announce/2007-Mar/0008.html

secunia.com/advisories/24365

secunia.com/advisories/24407

secunia.com/advisories/24419

secunia.com/advisories/24420

secunia.com/advisories/24438

secunia.com/advisories/24489

secunia.com/advisories/24511

secunia.com/advisories/24544

secunia.com/advisories/24650

secunia.com/advisories/24734

secunia.com/advisories/24875

securityreason.com/securityalert/2353

support.avaya.com/elmodocs2/security/ASA-2007-144.htm

www.coresecurity.com/?action=item&id=1687

www.debian.org/security/2007/dsa-1266

www.mandriva.com/security/advisories?name=MDKSA-2007:059

www.redhat.com/support/errata/RHSA-2007-0106.html

www.redhat.com/support/errata/RHSA-2007-0107.html

www.securityfocus.com/archive/1/461958/100/0/threaded

www.securityfocus.com/archive/1/461958/30/7710/threaded

www.securityfocus.com/bid/22757

www.securitytracker.com/id?1017727

www.trustix.org/errata/2007/0009/

www.ubuntu.com/usn/usn-432-1

www.ubuntu.com/usn/usn-432-2

www.vupen.com/english/advisories/2007/0835

issues.rpath.com/browse/RPL-1111

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10496

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.294 Low

EPSS

Percentile

96.9%

Related for NVD:CVE-2007-1263

redhat2 openvas14 nessus15 prion1 debiancve1 suse1 oraclelinux2 centos2 cvelist1 slackware1 cve1 debian1 ubuntucve6 ubuntu2 coresecurity1 securityvulns2