CVE-2006-6235

Currently unrated

Key Information:

Vendor: Gnu
Status: Privacy Guard; Gpg4win
Vendor: CVE Published:; 7 December 2006

Summary

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

References

http://securitytracker.com/id?1017349

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/23269

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/23303

third-party-advisoryx_refsource_SECUNIA

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 7, 2006
Vulnerability Reserved
Dec 2, 2006