Signature Verification Flaw in GnuPG Affects Document Integrity

CVE-2000-0974

Summary

GnuPG version 1.0.3 contains a vulnerability that fails to properly verify all signatures within files that consist of multiple documents. This oversight enables an attacker to modify the content of all documents, except for the first one, without it being detected. As a result, trust in the document's integrity can be compromised, posing significant risks to users who rely on GnuPG for secure communications.

References