Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME prior to 1.5.1 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gpgme |
||
debian debian linux 6.0 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 10.04 |