PT-2001-1030 · Gnu · Gnupg

Published: 2001-05-30 · Updated: 2018-05-03 · CVE-2001-0522

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions
GnuPG versions 1.0.5 and earlier
GnuPG version 1.0.6

Description
GnuPG contains a format string vulnerability that can be exploited to gain privileges via format strings in the original filename stored in an encrypted file. Exploitation can lead to a breach of the confidentiality, integrity, and availability of protected information and can be performed remotely.

Recommendations
For GnuPG versions 1.0.5 and earlier, update to a version later than 1.0.5 to resolve the issue. For GnuPG version 1.0.6, consider disabling the use of encrypted files with potentially malicious filenames until a patch is available.
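
The class of defect described above comes from using a filename taken from untrusted input as a printf-style format. The following is an added example, not GnuPG code: it shows the defensive pattern of passing the embedded name as an argument to a constant format and flagging names that carry conversion directives. The function names and the sample filename are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Count '%' conversion directives in an untrusted name.
 * "%%" is a literal percent sign and is not counted. */
int count_directives(const char *name)
{
    int n = 0;
    for (size_t i = 0; name[i] != '\0'; i++) {
        if (name[i] != '%')
            continue;
        if (name[i + 1] == '%')
            i++;                /* skip the escaped percent */
        else
            n++;
    }
    return n;
}

/* Build a message that mentions the embedded filename.
 * The name is only ever an ARGUMENT to a constant format string,
 * and non-printable bytes are replaced so they cannot alter the terminal. */
int format_name_message(char *out, size_t outlen, const char *name)
{
    char clean[256];
    size_t i;

    for (i = 0; name[i] != '\0' && i < sizeof clean - 1; i++)
        clean[i] = isprint((unsigned char)name[i]) ? name[i] : '?';
    clean[i] = '\0';

    /* The unsafe pattern would be snprintf(out, outlen, name). */
    return snprintf(out, outlen, "original file name='%s'", clean);
}

int main(void)
{
    const char *name = "invoice-%x-%s.txt";   /* constructed sample */
    char msg[300];

    format_name_message(msg, sizeof msg, name);
    printf("%d directive(s) in name; %s\n", count_directives(name), msg);
    return 0;
}
```

Building with `-Wformat -Wformat-security` makes GCC and Clang warn when a non-literal string is passed as the format with no arguments.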


Related Identifiers

BDU:2015-07878
CVE-2001-0522

Affected Products

Gnupg