OpenPGP Message Vulnerability in GnuPG and GPGME by GnuPG
CVE-2007-1263
Currently unrated
Summary
GnuPG versions 1.4.6 and earlier, along with GPGME prior to 1.1.4, are susceptible to a vulnerability that fails to visually separate signed and unsigned sections of OpenPGP messages when executed via the command line. This oversight could enable attackers to manipulate the content of messages undetected, potentially leading to the spread of false or misleading information.
References
EPSS Score
16% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved