CVE Vulnerabilities

CVE-2006-0049

Published: Mar 13, 2006 | Modified: Oct 19, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.

Affected Software

Name Vendor Start Version End Version
Privacy_guard Gnu 1.4.2 1.4.2
Privacy_guard Gnu 1.4 1.4
Privacy_guard Gnu 1.4.1 1.4.1
Privacy_guard Gnu 1.0.3 1.0.3
Privacy_guard Gnu 1.2.1 1.2.1
Privacy_guard Gnu 1.0.7 1.0.7
Privacy_guard Gnu 1.0.5 1.0.5
Privacy_guard Gnu 1.0.6 1.0.6
Privacy_guard Gnu 1.3.3 1.3.3
Privacy_guard Gnu 1.2.2 1.2.2
Privacy_guard Gnu 1.2.2 1.2.2
Privacy_guard Gnu 1.4.2.1 1.4.2.1
Privacy_guard Gnu 1.0 1.0
Privacy_guard Gnu 1.0.2 1.0.2
Privacy_guard Gnu 1.2.3 1.2.3
Privacy_guard Gnu 1.2.6 1.2.6
Privacy_guard Gnu 1.2.5 1.2.5
Privacy_guard Gnu 1.0.4 1.0.4
Privacy_guard Gnu 1.3.4 1.3.4
Privacy_guard Gnu 1.0.1 1.0.1
Privacy_guard Gnu 1.0.3b 1.0.3b
Privacy_guard Gnu 1.2 1.2
Privacy_guard Gnu 1.2.7 1.2.7
Privacy_guard Gnu 1.2.4 1.2.4

References