A "stack overwrite" vulnerability in GnuPG (gpg) 1.x prior to 1.4.6, 2.x prior to 2.0.2, and 1.9.0 up to and including 1.9.95 allows malicious users to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
gnu privacy guard 1.3.4 |
||
gnu privacy guard 1.4 |
||
gnu privacy guard 1.4.1 |
||
gnu privacy guard 1.9.10 |
||
gnu privacy guard 1.9.15 |
||
gnu privacy guard 1.2.7 |
||
gnu privacy guard 1.3.3 |
||
gnu privacy guard 1.4.4 |
||
gnu privacy guard 1.4.5 |
||
gnu privacy guard 1.2.4 |
||
gnu privacy guard 1.4.2 |
||
gnu privacy guard 1.4.2.1 |
||
gnu privacy guard 1.9.20 |
||
gnu privacy guard 2.0 |
||
gnu privacy guard 1.2.5 |
||
gnu privacy guard 1.2.6 |
||
gnu privacy guard 1.4.2.2 |
||
gnu privacy guard 1.4.3 |
||
gnu privacy guard 2.0.1 |
||
gpg4win gpg4win 1.0.7 |
||
redhat enterprise linux 4.0 |
||
ubuntu ubuntu linux 5.10 |
||
ubuntu ubuntu linux 6.06 |
||
redhat linux advanced workstation 2.1 |
||
rpath linux 1 |
||
slackware slackware linux 11.0 |
||
redhat enterprise linux desktop 3.0 |
||
redhat enterprise linux desktop 4.0 |
||
redhat fedora core core_5.0 |
||
redhat fedora core core6 |
Vulmon