CVE-2013-4351
Description
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Risk Information
Base Score
5.3
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
1.303
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.0 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.3 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.4 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0 | Windows |
| Vulnerabilities CVE-2007-1263,CVE-2013-4351,CVE-2013-4576 are affected in GnuPG for windows 1.4.6 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.8 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.8 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.1 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.10 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.11 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.12 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.13 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.14 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.15 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.16 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.3 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.4 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.5 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.6 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.7 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.10 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.11 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.12 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.2 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.5 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.17 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.18 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 2.0.19 | Windows |
| Multiple Vulnerabilities are affected in GnuPG for windows 1.4.13 | Windows |
| Vulnerabilities CVE-2013-4351,CVE-2014-9087 are affected in GnuPG for windows 2.1.0 | Windows |
| gnupg2 security update(DSA-2968-1) gnupg2_2.0.19-2+deb7u2_i386.deb | Linux |
| gnupg2 security update(DSA-2968-1) gnupg2_2.0.19-2+deb7u2_amd64.deb | Linux |
| (RHSA-2013:1459) Moderate: gnupg2 security update gnupg2-2.0.10-6.el5_10.i386.rpm | Linux |
| (RHSA-2013:1459) Moderate: gnupg2 security update gnupg2-2.0.10-6.el5_10.x86_64.rpm | Linux |
| (RHSA-2013:1459) Moderate: gnupg2 security update gnupg2-2.0.14-6.el6_4.i686.rpm | Linux |
| (RHSA-2013:1459) Moderate: gnupg2 security update gnupg2-2.0.14-6.el6_4.x86_64.rpm | Linux |
| (RHSA-2013:1459) Moderate: gnupg2 security update gnupg2-smime-2.0.14-6.el6_4.i686.rpm | Linux |
| (RHSA-2013:1459) Moderate: gnupg2 security update gnupg2-smime-2.0.14-6.el6_4.x86_64.rpm | Linux |
| CVE-2013-4351 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234