ID |
CVE-2001-0522
|
Summary |
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:gnu:privacy_guard:7.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:7.1:*:*:*:*:*:*:*
-
cpe:2.3:a:gnu:privacy_guard:7.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:7.2:*:*:*:*:*:*:*
-
cpe:2.3:a:gnu:privacy_guard:8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:privacy_guard:8.0:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.5 (as of 03-05-2018 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
redhat
via4
|
|
refmap
via4
|
bid | 2797 | bugtraq | - 20010529 [synnergy] - GnuPG remote format string vulnerability
- 20010601 The GnuPG format string bug (was: TSLSA-2001-0009 - GnuPG)
| caldera | CSSA-2001-020.0 | cert-vn | VU#403051 | conectiva | CLA-2001:399 | confirm | http://www.gnupg.org/whatsnew.html#rn20010529 | debian | DSA-061 | immunix | IMNX-2001-70-023-01 | mandrake | MDKSA-2001:053 | osvdb | 1845 | suse | SuSE-SA:2001:020 | turbo | TLSA2001028 | xf | gnupg-tty-format-string(6642) |
|
Last major update |
03-05-2018 - 01:29 |
Published |
14-08-2001 - 04:00 |
Last modified |
03-05-2018 - 01:29 |