Описание
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.2.2-1ubuntu2.5 |
| devel | released | 1.4.6-1ubuntu2 |
| edgy | released | 1.4.3-2ubuntu3.3 |
| feisty | released | 1.4.6-1ubuntu2 |
| gutsy | released | 1.4.6-1ubuntu2 |
| hardy | released | 1.4.6-1ubuntu2 |
| intrepid | released | 1.4.6-1ubuntu2 |
| jaunty | released | 1.4.6-1ubuntu2 |
| karmic | released | 1.4.6-1ubuntu2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 2.0.3-1ubuntu1 |
| edgy | released | 1.9.21-0ubuntu5.3 |
| feisty | released | 2.0.3-1ubuntu1 |
| gutsy | released | 2.0.3-1ubuntu1 |
| hardy | released | 2.0.3-1ubuntu1 |
| intrepid | released | 2.0.3-1ubuntu1 |
| jaunty | released | 2.0.3-1ubuntu1 |
| karmic | released | 2.0.3-1ubuntu1 |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, ...
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
EPSS
5 Medium
CVSS2