Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-0049

Опубликовано: 13 мар. 2006
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnu:privacy_guard:1.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.3b:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.2:rc1:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 89%
0.04481
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2006-0049

ubuntu
больше 19 лет назад

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.

redhat логотип

CVE-2006-0049

redhat
больше 19 лет назад

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.

debian логотип

CVE-2006-0049

debian
больше 19 лет назад

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached sign ...

github логотип

GHSA-c5p7-4hq8-gm4c

github
больше 3 лет назад

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.

EPSS

Процентиль: 89%
0.04481
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other