CVE-2000-0974

Currently unrated

Key Information:

Vendor: Gnu
Status: Privacy Guard
Vendor: CVE Published:; 19 December 2000

Summary

GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.

References

http://archives.neohapsis.com/archives/bugtraq/2000-10/02...

mailing-listx_refsource_BUGTRAQ

http://archives.neohapsis.com/archives/bugtraq/2000-10/03...

mailing-listx_refsource_BUGTRAQ

http://www.debian.org/security/2000/20001111

vendor-advisoryx_refsource_DEBIAN

Timeline

Vulnerability published
Dec 19, 2000
Vulnerability Reserved
Nov 24, 2000