CVE-2007-1263: CVE-2007-1263

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-1263

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GnuPG签名消息任意内容注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GnuPG是基于OpenPGP标准的PGP加密、解密、签名工具。使用GnuPG的脚本和应用程序向终端用户显示签名验证信息的方式存在漏洞，允许攻击者向签名消息中添加任意内容，消息的接收者无法区分消息中的伪造和正确签名部分。漏洞起因是有效的OpenPGP消息包含有多个部分，其中每个部分都可以认为是一段消息，但有些消息可能没有被签名和/或加密。有漏洞的第三方应用程序没有使用适当的GnuPG API判断消息边界，没有在给终端用户的输出中明确的区分消息。在某些情况下，即使从命令行直接使用GnuPG的高级用户也可

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-1263

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-1263

Please Login to view more intelligence information

http://www.coresecurity.com/?action=item&id=1687x_refsource_MISC
https://issues.rpath.com/browse/RPL-1111x_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2007-144.htmx_refsource_CONFIRM
http://securityreason.com/securityalert/2353third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/24407third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24419third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24438third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24734third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24544third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24511third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/22757vdb-entryx_refsource_BID
http://secunia.com/advisories/24489third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24875third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24365third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24420third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1017727vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2007/dsa-1266vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/usn-432-2vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-432-1vendor-advisoryx_refsource_UBUNTU
http://www.trustix.org/errata/2007/0009/vendor-advisoryx_refsource_TRUSTIX
http://www.vupen.com/english/advisories/2007/0835vdb-entryx_refsource_VUPEN
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.ascvendor-advisoryx_refsource_SGI
http://www.mandriva.com/security/advisories?name=MDKSA-2007:059vendor-advisoryx_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2007-0107.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-0106.htmlvendor-advisoryx_refsource_REDHAT
http://fedoranews.org/cms/node/2776vendor-advisoryx_refsource_FEDORA
http://fedoranews.org/cms/node/2775vendor-advisoryx_refsource_FEDORA
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0008.htmlvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10496vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/archive/1/461958/30/7710/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/461958/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-1263

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-1263

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2007-1263

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-1263

III. Intelligence Information for CVE-2007-1263

IV. Related Vulnerabilities

V. Comments for CVE-2007-1263

Leave a comment