GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Privacy_guard | Gnu | 1.0 | 1.0 |
Privacy_guard | Gnu | 1.0.1 | 1.0.1 |
Privacy_guard | Gnu | 1.0.2 | 1.0.2 |
Privacy_guard | Gnu | 1.0.3 | 1.0.3 |