CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0522

HIGH
7.5
CVSS Severity Score
EPSS Score0.0100%
EPSS Percentile16.38th
PublishedAug 14, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.

Affected Platforms (CPE)

πŸ“¦
Gnu

Privacy Guard

= 7.1
πŸ“¦
Gnu

Privacy Guard

= 7.2
πŸ“¦
Gnu

Privacy Guard

= 8.0

References & Advisories

πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000399
πŸ”— http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-023-01
πŸ”— http://online.securityfocus.com/archive/1/188218
πŸ”— http://www.calderasystems.com/support/security/advisories/CSSA-2001-020.0.txt
πŸ”— http://www.debian.org/security/2001/dsa-061
πŸ”— http://www.gnupg.org/whatsnew.html#rn20010529
πŸ”— http://www.kb.cert.org/vuls/id/403051
πŸ”— http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-053.php3

Related Vulnerabilities

CVE-2001-02732.6

pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via ...

CVE-2001-002110.0

MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate...

CVE-2001-003210.0

Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privil...

CVE-2001-011310.0

statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value...