Format String Vulnerability in GnuPG Client Affects Key Retrieval Process
CVE-2003-0978
Currently unrated
Summary
The GnuPG client, specifically the gpgkeys_hkp interface, contains a format string vulnerability that could be exploited by remote attackers or malicious keyservers. This flaw allows attackers to induce a denial of service, potentially crashing the service during key retrieval. Furthermore, in certain circumstances, it may allow for the execution of arbitrary code, endangering system integrity and confidentiality. Users of GnuPG versions 1.2.3 and earlier, as well as 1.3.3 and earlier, are particularly at risk.
References
Timeline
Vulnerability published
Vulnerability Reserved