Описание
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.2.2-1ubuntu2.5 |
| devel | released | 1.4.6-1ubuntu2 |
| edgy | released | 1.4.3-2ubuntu3.3 |
| feisty | released | 1.4.6-1ubuntu2 |
| gutsy | released | 1.4.6-1ubuntu2 |
| hardy | released | 1.4.6-1ubuntu2 |
| intrepid | released | 1.4.6-1ubuntu2 |
| jaunty | released | 1.4.6-1ubuntu2 |
| karmic | released | 1.4.6-1ubuntu2 |
| upstream | released | 1.4.7 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| edgy | released | 1.9.21-0ubuntu5.3 |
| feisty | released | 2.0.3-1ubuntu1 |
| gutsy | not-affected | |
| hardy | not-affected | |
| intrepid | not-affected | |
| jaunty | not-affected | |
| karmic | not-affected | |
| upstream | released | 2.0.0 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
Heap-based buffer overflow in the ask_outfile_name function in openfil ...
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.8 Medium
CVSS2