CVE-2006-4790 in GnuTLSinformação

Sumário

de VulDB • 06/07/2026

verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservar

13/09/2006

Divulgação

14/09/2006

Moderação

aceite

Entrada

VDB-32290

CPE

pronto

EPSS

0.02427

KEV

não

Atividades

muito baixo

Fontes

Might our Artificial Intelligence support you?

Check our Alexa App!