{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<p>Toutes les versions GnuPG ant\u00e9rieures \u00e0  la version 1.4.2.1.</p>","content":"## Description\n\nGnuPG (GNU Privacy Guard) est un logiciel libre rempla\u00e7ant de PGP\n(Pretty Good Privacy).  \nUne vuln\u00e9rabilit\u00e9 dans GnuPG permet \u00e0 un utilisateur mal intentionn\u00e9 de\ncontourner la v\u00e9rification de signature en utilisant une erreur de\nprogrammation de type faux positif. Cette erreur concerne l'outil gpgv\net la commande gpg -verify.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2006-0455","url":"https://www.cve.org/CVERecord?id=CVE-2006-0455"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:043 du 17 f\u00e9vrier    2006 :","url":"http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:043"},{"title":"Bulletin de s\u00e9curit\u00e9 du port FreeBSD de GnuPG du 17 f\u00e9vrier    2006 :","url":"http://www.vuxml.org/freebsd/pkg-gnupg.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu USN-252-1 du 17 f\u00e9vrier 2006 :","url":"http://www.ubuntulinux.org/usn/usn-252-1"},{"title":"Site Internet de GnuPG :","url":"http://www.gnupg.org"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA 978 du 17 f\u00e9vrier 2006 :","url":"http://www.debian.org/security/2006/dsa-978"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SA:2006:013 du 02 mars 2006    :","url":"http://www.novell.com/linux/security/advisories/2006_13_gpg.html"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SA:2006:009 du 20 f\u00e9vrier    2006 :","url":"http://www.novell.com/linux/security/advisories/2006_09_gpg.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200602-10 du 18 f\u00e9vrier    2006 :","url":"http://www.gentoo.org/security/en/glsa/glsa-200602-10.xml"}],"reference":"CERTA-2006-AVI-086","revisions":[{"description":"version initiale.","revision_date":"2006-02-21T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 SUSE SUSE-SA:2006:009.","revision_date":"2006-02-27T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 SUSE SUSE-SA:2006:013.","revision_date":"2006-03-02T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9 de GnuPG","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-978 du 17 f\u00e9vrier 2006","url":null}]}