CyberSec.Space Logo
CVEブラウザに戻る

CVE-2003-0978

HIGH
7.5
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile9.96th
Published2004年1月5日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.

Affected Platforms (CPE)

📦
Gnu

Privacy Guard

= 1.2
📦
Gnu

Privacy Guard

= 1.2.1
📦
Gnu

Privacy Guard

= 1.2.2
📦
Gnu

Privacy Guard

= 1.2.2
📦
Gnu

Privacy Guard

= 1.2.3
📦
Gnu

Privacy Guard

= 1.3.3

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=107047470625214&w=2
🔗 http://www.novell.com/linux/security/advisories/2003_048_gpg.html
🔗 http://www.s-quadra.com/advisories/Adv-20031203.txt
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/13892
🔗 http://marc.info/?l=bugtraq&m=107047470625214&w=2
🔗 http://www.novell.com/linux/security/advisories/2003_048_gpg.html
🔗 http://www.s-quadra.com/advisories/Adv-20031203.txt
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/13892

関連する脆弱性情報

CVE-2001-05227.5

Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via ...

CVE-2001-02732.6

pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via ...

CVE-2003-019610.0

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service...

CVE-2003-071510.0

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers...