Format String Vulnerability in Gnu Privacy Guard by GnuPG
CVE-2001-0522

Currently unrated

Key Information:

Vendor: Gnu
Status: Privacy Guard
Vendor: CVE Published:; 14 August 2001

What is CVE-2001-0522?

The format string vulnerability present in Gnu Privacy Guard (GnuPG) 1.05 and earlier can potentially allow attackers to exploit format strings derived from the original filenames stored within encrypted files. This can lead to unauthorized privilege escalation, as malicious actors could manipulate the input in a way that compromises the integrity of the encryption process, enabling them to gain elevated access or execute arbitrary code.

References

http://online.securityfocus.com/archive/1/188218

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/6642

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/403051

third-party-advisoryx_refsource_CERT-VN

EPSS Score

14% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2001
Vulnerability Reserved
Jun 18, 2001