Vulnerability in Gnu Privacy_guard
CVE-2006-6235
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from de…
EPSS: 0.057 (92.0th percentile) — read the EPSS interpretation.
Affected products
- Gnu Privacy_guard — versions 1.2.4, 1.2.5, 1.2.6
- Gpg4win — versions 1.0.7
- Rpath Linux — versions 1
- Slackware Slackware_linux — versions 11.0
- Redhat Enterprise_linux — versions 4.0
- Redhat Enterprise_linux_desktop — versions 3.0, 4.0
- Redhat Fedora_core — versions core_5.0, core6
- Redhat Linux_advanced_workstation — versions 2.1
- Ubuntu Ubuntu_linux — versions 5.10, 6.06
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_UBUNTU, vendor-advisory, Patch)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_UBUNTU, vendor-advisory)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)