Описание
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 1.4.2.2-1ubuntu2.5 |
| devel | not-affected | 1.4.6-2ubuntu5 |
| edgy | not-affected | 1.4.3-2ubuntu3.3 |
| feisty | not-affected | 1.4.6-1ubuntu2 |
| gutsy | not-affected | 1.4.6-2ubuntu4 |
| upstream | not-affected | 1.4.9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 1.9.19-2 |
| devel | not-affected | 2.0.7-1 |
| edgy | not-affected | 1.9.21-0ubuntu5.3 |
| feisty | not-affected | 2.0.3-1ubuntu1 |
| gutsy | not-affected | 2.0.4-1ubuntu3 |
| upstream | not-affected | 2.0.9 |
Показывать по
Ссылки на источники
9.3 Critical
CVSS2
Связанные уязвимости
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial ...
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."
9.3 Critical
CVSS2