GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an malicious user to modify contents of all documents but the first without detection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu privacy guard 1.0.2 |
||
gnu privacy guard 1.0.3 |
||
gnu privacy guard 1.0 |
||
gnu privacy guard 1.0.1 |