Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted message.
Evgeny Legerov discovered that gnupg did not sufficiently check the
validity of the comment and a control field Specially crafted GPG
data could cause a buffer overflow This could be exploited to execute
arbitrary code with the user’s privileges if an attacker can trick an
user into processing a malicious encrypted/signed document with gnupg ...
Evgeny Legerov discovered that overly large comments can crash gnupg,
the GNU privacy guard - a free PGP replacement
For the stable distribution (sarge) this problem has been fixed in
version 141-1sarge5
For the unstable distribution (sid) this problem has been fixed in
version 145-1
We recommend that you upgrade your gnupg package ...
Evgeny Legerov discovered that overly large comments can crash gnupg,
the GNU privacy guard - a free PGP replacement, which is also present
in the development branch
For the stable distribution (sarge) this problem has been fixed in
version 1915-6sarge2
For the unstable distribution (sid) this problem has been fixed in
version 1920-2
We reco ...
source: wwwsecurityfocuscom/bid/19110/info
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer
This issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, b ...