OpenPGP Chosen-Ciphertext Attack Vulnerability

OpenPGP Chosen-Ciphertext Attack Vulnerability

CVE-2005-0366 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed.

Learn more about our Web Application Penetration Testing UK.