Gnupg Security Vulnerabilities
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, do not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.
CVSS Score: 5.0; EPSS Score: 0.255; Published: 2007-03-06
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
CVSS Score: 6.8; EPSS Score: 0.026; Published: 2006-11-29
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
CVSS Score: 5.0; EPSS Score: 0.353; Published: 2006-07-28
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
CVSS Score: 5.0; EPSS Score: 0.303; Published: 2006-06-19
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed.
CVSS Score: 5.0; EPSS Score: 0.077; Published: 2005-05-02

