[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-6169Date: (C)2006-11-29   (M)2023-12-22


Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1017291
SREASON-1927
2006-0068
http://www.securityfocus.com/archive/1/archive/1/452829/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/453253/100/100/threaded
20061201-01-P
BID-21306
SECUNIA-23094
SECUNIA-23110
SECUNIA-23146
SECUNIA-23161
SECUNIA-23171
SECUNIA-23250
SECUNIA-23269
SECUNIA-23284
SECUNIA-23299
SECUNIA-23303
SECUNIA-23513
SECUNIA-24047
ADV-2006-4736
DSA-1231
GLSA-200612-03
MDKSA-2006:221
OpenPKG-SA-2006.037
RHSA-2006:0754
SUSE-SA:2006:075
USN-389-1
USN-393-2
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
gnupg-openfile-bo(30550)
http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm
https://bugs.g10code.com/gnupg/issue728
https://issues.rpath.com/browse/RPL-826

CPE    1
cpe:/a:gnupg:gnupg:2.0

© SecPod Technologies