CVE-2006-0455

Description

gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command gpg --verify.

Risk Information

Base Score

7.4

MODERATE

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

EPSS Score

Exploitation Probability

2.209

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in GNU Privacy Guard (x64) 1.0	Windows
Multiple Vulnerabilities are affected in GNU Privacy Guard (x64) 1.0.1	Windows
Multiple Vulnerabilities are affected in GNU Privacy Guard (x64) 1.0.2	Windows
Multiple Vulnerabilities are affected in GNU Privacy Guard (x64) 1.0.3	Windows
Multiple Vulnerabilities are affected in GNU Privacy Guard (x64) 1.0.3b	Windows
Multiple Vulnerabilities are affected in GNU Privacy Guard (x64) 1.2.1	Windows
Vulnerabilities CVE-2003-0971,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.0.4	Windows
Vulnerabilities CVE-2003-0971,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.0.5	Windows
Vulnerabilities CVE-2003-0971,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.0.6	Windows
Vulnerabilities CVE-2003-0971,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.0.7	Windows
Vulnerabilities CVE-2003-0971,CVE-2003-0978,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.2	Windows
Vulnerabilities CVE-2003-0971,CVE-2003-0978,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.2.2	Windows
Vulnerabilities CVE-2003-0971,CVE-2003-0978,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.2.2-rc1	Windows
Vulnerabilities CVE-2003-0971,CVE-2003-0978,CVE-2006-0049,CVE-2006-0455 are affected in GNU Privacy Guard (x64) 1.2.3	Windows
Vulnerabilities CVE-2003-0978,CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.3.3	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.2.4	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.2.5	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.2.6	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.2.7	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.3.4	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.4	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.4.1	Windows
Vulnerabilities CVE-2006-0049,CVE-2006-0455,CVE-2006-6235 are affected in GNU Privacy Guard (x64) 1.4.2	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)
PATCH-355070	GNU Privacy Guard (x64) (2.5.16)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234