CVE-2006-6235 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-6235
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-6235

Description: A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/30711 UBUNTU http://www.ubuntu.com/usn/usn-393-1 http://www.ubuntu.com/usn/usn-393-2 TRUSTIX http://www.trustix.org/errata/2006/0070 SUSE http://www.novell.com/linux/security/advisories/2006_28_sr.html http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html ST 1017349 SGI SAID Secunia Advisory: SA23290 Secunia Advisory: SA23329 Secunia Advisory: SA23303 Secunia Advisory: SA23299 Secunia Advisory: SA23259 Secunia Advisory: SA23250 Secunia Advisory: SA23255 Secunia Advisory: SA23269 Secunia Advisory: SA23245 Secunia Advisory: SA23335 Secunia Advisory: SA23284 Secunia Advisory: SA23513 Secunia Advisory: SA24047 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0754.html OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html MLIST http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:228 GENTOO http://security.gentoo.org/glsa/glsa-200612-03.xml DEBIAN http://www.debian.org/security/2006/dsa-1231 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm CERT-VN 427009 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/453723/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/453664/100/0/threaded BID 21462

Return to the previous page.