gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows malicious users to modify the contents of a file without detection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu privacy guard 1.0.3b |
||
gnu privacy guard 1.0 |
||
gnu privacy guard 1.0.1 |
||
gnu privacy guard 1.0.2 |
||
gnu privacy guard 1.0.3 |