Vulnerability Name:

CVE-2007-1263 (CCN-32925)

Assigned:2007-03-05
Published:2007-03-05
Updated:2018-10-16
Summary:GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availability (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:C/A:N)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:C/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availability (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: SGI
Type: UNKNOWN
20070301-01-P

Source: MITRE
Type: CNA
CVE-2007-1263

Source: MITRE
Type: CNA
CVE-2007-1264

Source: MITRE
Type: CNA
CVE-2007-1265

Source: MITRE
Type: CNA
CVE-2007-1266

Source: MITRE
Type: CNA
CVE-2007-1267

Source: MITRE
Type: CNA
CVE-2007-1268

Source: MITRE
Type: CNA
CVE-2007-1269

Source: CCN
Type: Enigmail Web site
mozdev.org - enigmail: index

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-316

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-315

Source: CCN
Type: KMail Web site
Kontact Homepage - KMail: Kontact Mail

Source: CCN
Type: GnuPG-Users Mailing List, Tue Mar 6 09:02:45 CET 2007
Multiple Messages Problem in GnuPG and GPGME

Source: MLIST
Type: UNKNOWN
[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:024

Source: CCN
Type: RHSA-2007-0106
Important: gnupg security update

Source: CCN
Type: RHSA-2007-0107
Important: gnupg security update

Source: SECUNIA
Type: UNKNOWN
24365

Source: SECUNIA
Type: UNKNOWN
24407

Source: CCN
Type: SA24412
Evolution "--status-fd" Incorrect GnuPG Usage

Source: CCN
Type: SA24413
KMail "--status-fd" Incorrect GnuPG Usage

Source: CCN
Type: SA24414
Sylpheed "--status-fd" Incorrect GnuPG Usage

Source: CCN
Type: SA24415
Mutt "--status-fd" Incorrect GnuPG Usage

Source: CCN
Type: SA24416
Enigmail "--status-fd" Incorrect GnuPG Usage

Source: CCN
Type: SA24417
GNUMail "--status-fd" Incorrect GnuPG Usage

Source: SECUNIA
Type: UNKNOWN
24419

Source: SECUNIA
Type: UNKNOWN
24420

Source: SECUNIA
Type: UNKNOWN
24438

Source: SECUNIA
Type: UNKNOWN
24489

Source: SECUNIA
Type: UNKNOWN
24511

Source: SECUNIA
Type: UNKNOWN
24544

Source: SECUNIA
Type: UNKNOWN
24650

Source: SECUNIA
Type: UNKNOWN
24734

Source: CCN
Type: SA24875
Avaya Products Incorrect GnuPG Usage

Source: SECUNIA
Type: UNKNOWN
24875

Source: SREASON
Type: UNKNOWN
2353

Source: CCN
Type: SECTRACK ID: 1017727
GnuPG and Several E-mail Clients Let Remote Users Inject Unsigned Data into Signed Messages

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-144.htm

Source: CCN
Type: ASA-2007-144
gnupg security update (RHSA-2007-0106)

Source: CCN
Type: Sylpheed Web site
Sylpheed - lightweight and user-friendly e-mail client -

Source: CCN
Type: GNUMail Web site
collaboration-world > GNUMail

Source: MISC
Type: Patch, Vendor Advisory
http://www.coresecurity.com/?action=item&id=1687

Source: CCN
Type: Core Security Technologies - CoreLabs Advisory CORE-2007-0115
GnuPG and GnuPG clients unsigned data injection vulnerability

Source: DEBIAN
Type: UNKNOWN
DSA-1266

Source: DEBIAN
Type: DSA-1266
gnupg -- several vulnerabilities

Source: CCN
Type: Evolution Web site
Evolution

Source: CCN
Type: GnuPG Web site
Download - GnuPG.org

Source: CCN
Type: GPGME Web site
GPGME - GnuPG.org

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:059

Source: CCN
Type: Mutt Web site
The Mutt E-Mail Client

Source: CCN
Type: OSVDB ID: 33502
Multiple Mail Client --status-fd GnuPG Invocation Spoofed Content Weakness

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0106

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0107

Source: BUGTRAQ
Type: UNKNOWN
20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability

Source: BID
Type: UNKNOWN
22757

Source: CCN
Type: BID-22757
GnuPG Signed Message Arbitrary Content Injection Weakness

Source: CCN
Type: BID-22758
Enigmail GnuPG Arbitrary Content Injection Vulnerability

Source: CCN
Type: BID-22759
KMail GnuPG Arbitrary Content Injection Vulnerability

Source: CCN
Type: BID-22760
Gnome Evolution GnuPG Arbitrary Content Injection Vulnerability

Source: CCN
Type: BID-22777
Sylpheed GnuPG Arbitrary Content Injection Vulnerability

Source: CCN
Type: BID-22778
Mutt GnuPG Arbitrary Content Injection Vulnerability

Source: CCN
Type: BID-22779
GNUMail.App GnuPG Arbitrary Content Injection Vulnerability

Source: SECTRACK
Type: UNKNOWN
1017727

Source: TRUSTIX
Type: UNKNOWN
2007-0009

Source: CCN
Type: USN-432-1
GnuPG vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-432-1

Source: CCN
Type: USN-432-2
GnuPG2

Source: UBUNTU
Type: UNKNOWN
USN-432-2

Source: VUPEN
Type: UNKNOWN
ADV-2007-0835

Source: XF
Type: UNKNOWN
gnupg-multiple-statusfd-security-bypass(32925)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1111

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10496

Source: SUSE
Type: SUSE-SA:2007:024
gpg signature bypassing

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:gpgme:*:*:*:*:*:*:*:* (Version <= 1.1.3)
  • OR cpe:/a:gnupg:gnupg:*:*:*:*:*:*:*:* (Version <= 1.4.6)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:gnu:privacy_guard:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnome:evolution:2.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:gnupg:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gpgme:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.4.4:*:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20071263 | V | CVE-2007-1263 | 2015-11-16
    oval:org.mitre.oval:def:22219 | P | ELSA-2007:0107: gnupg security update (Important) | 2014-05-26
    oval:org.mitre.oval:def:10496 | V | GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection. | 2013-04-29
    oval:com.redhat.rhsa:def:20070107 | P | RHSA-2007:0107: gnupg security update (Important) | 2007-03-14
    oval:org.debian:def:1266 | V | several vulnerabilities | 2007-03-13
    oval:com.redhat.rhsa:def:20070106 | P | RHSA-2007:0106: gnupg security update (Important) | 2007-03-06