CVSS: 7.5EPSS: 74%CPEs: 2EXPL: 1CVE-2006-3082 – GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3082
19 Jun 2006 — parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. parse-packet.c en GnuPG (gpg) v1.4.3, v1.9.20 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída de gpg) y posiblemente sobrescribir la memoria a través ... • https://www.exploit-db.com/exploits/28077 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0366
https://notcve.org/view.php?id=CVE-2005-0366
11 Feb 2005 — The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed. • http://eprint.iacr.org/2005/033 • CWE-326: Inadequate Encryption Strength •