CVE-2007-1263

{"id": "CVE-2007-1263", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-03-06T20:19:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc", "source": "cve@mitre.org"}, {"url": "http://fedoranews.org/cms/node/2775", "source": "cve@mitre.org"}, {"url": "http://fedoranews.org/cms/node/2776", "source": "cve@mitre.org"}, {"url": "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html", "source": "cve@mitre.org"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0008.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24365", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24407", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24419", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24420", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24438", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24489", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24511", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24544", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24650", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24734", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24875", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2353", "source": "cve@mitre.org"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-144.htm", "source": "cve@mitre.org"}, {"url": "http://www.coresecurity.com/?action=item&id=1687", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2007/dsa-1266", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:059", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0106.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0107.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/461958/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/461958/30/7710/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22757", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017727", "source": "cve@mitre.org"}, {"url": "http://www.trustix.org/errata/2007/0009/", "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/usn-432-1", "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/usn-432-2", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/0835", "source": "cve@mitre.org"}, {"url": "https://issues.rpath.com/browse/RPL-1111", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10496", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection."}, {"lang": "es", "value": "GnuPG 1.4.6 y anteriores y GPGME anterior a 1.1.4, al ser ejecutado desde la l\u00ednea de comandos, no distingue visualmente trozos firmados de no firmados en mensajes OpenPGP con m\u00faltiples componentes, lo cual podr\u00eda permitir a atacantes remotos falsificar el contenido de un mensaje sin ser detectado."}], "lastModified": "2018-10-16T16:37:38.643", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:gpgme:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA56B122-75BE-4872-859B-13FDCA2DC641", "versionEndIncluding": "1.1.3"}, {"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "804DFC99-270C-41FD-9D03-53FA501F382A", "versionEndIncluding": "1.4.6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}