CVE-2007-1263

N/A Unknown
Published: March 06, 2007 Modified: April 23, 2026
View on NVD

Description

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
Source: cve@mitre.org
http://fedoranews.org/cms/node/2775
Source: cve@mitre.org
http://fedoranews.org/cms/node/2776
Source: cve@mitre.org
http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html
Source: cve@mitre.org
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0008.html
Source: cve@mitre.org
http://secunia.com/advisories/24365
Source: cve@mitre.org
http://secunia.com/advisories/24407
Source: cve@mitre.org
http://secunia.com/advisories/24419
Source: cve@mitre.org
http://secunia.com/advisories/24420
Source: cve@mitre.org
http://secunia.com/advisories/24438
Source: cve@mitre.org
http://secunia.com/advisories/24489
Source: cve@mitre.org
http://secunia.com/advisories/24511
Source: cve@mitre.org
http://secunia.com/advisories/24544
Source: cve@mitre.org
http://secunia.com/advisories/24650
Source: cve@mitre.org
http://secunia.com/advisories/24734
Source: cve@mitre.org
http://secunia.com/advisories/24875
Source: cve@mitre.org
http://securityreason.com/securityalert/2353
Source: cve@mitre.org
http://support.avaya.com/elmodocs2/security/ASA-2007-144.htm
Source: cve@mitre.org
http://www.coresecurity.com/?action=item&id=1687
Source: cve@mitre.org
Patch Vendor Advisory
http://www.debian.org/security/2007/dsa-1266
Source: cve@mitre.org
http://www.mandriva.com/security/advisories?name=MDKSA-2007:059
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2007-0106.html
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2007-0107.html
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/461958/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/461958/30/7710/threaded
Source: cve@mitre.org
http://www.securityfocus.com/bid/22757
Source: cve@mitre.org
http://www.securitytracker.com/id?1017727
Source: cve@mitre.org
http://www.trustix.org/errata/2007/0009/
Source: cve@mitre.org
http://www.ubuntu.com/usn/usn-432-1
Source: cve@mitre.org
http://www.ubuntu.com/usn/usn-432-2
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2007/0835
Source: cve@mitre.org
https://issues.rpath.com/browse/RPL-1111
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10496
Source: cve@mitre.org
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
Source: af854a3a-2127-422b-91ae-364da2661108
http://fedoranews.org/cms/node/2775
Source: af854a3a-2127-422b-91ae-364da2661108
http://fedoranews.org/cms/node/2776
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0008.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24365
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24407
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24419
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24420
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24438
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24489
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24511
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24544
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24650
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24734
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24875
Source: af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/2353
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.avaya.com/elmodocs2/security/ASA-2007-144.htm
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.coresecurity.com/?action=item&id=1687
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2007/dsa-1266
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2007:059
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0106.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0107.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/461958/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/461958/30/7710/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/22757
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1017727
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.trustix.org/errata/2007/0009/
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-432-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-432-2
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/0835
Source: af854a3a-2127-422b-91ae-364da2661108
https://issues.rpath.com/browse/RPL-1111
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10496
Source: af854a3a-2127-422b-91ae-364da2661108

66 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
25.5%
96th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

gnu gnupg