CVE-2000-0974

Name of the Vulnerable Software and Affected Versions GnuPG (gpg) version 1.0.3

Description The issue concerns a problem with signature verification in files containing multiple documents. Specifically, it does not properly check all signatures, which allows an attacker to modify the contents of all documents except the first one without being detected.

Recommendations For GnuPG (gpg) version 1.0.3, update to a newer version that properly checks all signatures of a file containing multiple documents to prevent undetected modifications.