CVE-2003-0978

Currently unrated

Key Information:

Vendor: Gnu
Status: Privacy Guard
Vendor: CVE Published:; 5 January 2004

Summary

Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.

References

http://www.s-quadra.com/advisories/Adv-20031203.txt

x_refsource_MISC

http://www.novell.com/linux/security/advisories/2003_048_...

vendor-advisoryx_refsource_SUSE

http://marc.info/?l=bugtraq&m=107047470625214&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

3% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 5, 2004
Vulnerability Reserved
Dec 9, 2003