Vulnerability Details CVE-2000-0974
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.9%
CVSS Severity
CVSS v2 Score 7.5
References
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:67.gnupg.asc
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-038.0.txt
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0201.html
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0361.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000334
- http://www.debian.org/security/2000/20001111
- http://www.osvdb.org/1608
- http://www.redhat.com/support/errata/RHSA-2000-089.html
- http://www.securityfocus.com/bid/1797
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5386
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:67.gnupg.asc
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-038.0.txt
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0201.html
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0361.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000334
- http://www.debian.org/security/2000/20001111
- http://www.osvdb.org/1608
- http://www.redhat.com/support/errata/RHSA-2000-089.html
- http://www.securityfocus.com/bid/1797
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5386
Products affected by CVE-2000-0974
-
cpe:2.3:a:gnu:privacy_guard:1.0
-
cpe:2.3:a:gnu:privacy_guard:1.0.1
-
cpe:2.3:a:gnu:privacy_guard:1.0.2
-
cpe:2.3:a:gnu:privacy_guard:1.0.3