CVE-2006-6235

First published: Thu Dec 07 2006(Updated: )

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Gnu Privacy Guard	=1.2.4
Gnu Privacy Guard	=1.2.5
Gnu Privacy Guard	=1.2.6
Gnu Privacy Guard	=1.2.7
Gnu Privacy Guard	=1.3.3
Gnu Privacy Guard	=1.3.4
Gnu Privacy Guard	=1.4
Gnu Privacy Guard	=1.4.1
Gnu Privacy Guard	=1.4.2
Gnu Privacy Guard	=1.4.2.1
Gnu Privacy Guard	=1.4.2.2
Gnu Privacy Guard	=1.4.3
Gnu Privacy Guard	=1.4.4
Gnu Privacy Guard	=1.4.5
Gnu Privacy Guard	=1.9.10
Gnu Privacy Guard	=1.9.15
Gnu Privacy Guard	=1.9.20
Gnu Privacy Guard	=2.0
Gnu Privacy Guard	=2.0.1
Gpg4win Gpg4win	=1.0.7
Red Hat Enterprise Linux	=4.0
Red Hat Enterprise Linux	=4.0
Red Hat Enterprise Linux	=4.0
Redhat Enterprise Linux Desktop	=3.0
Redhat Enterprise Linux Desktop	=4.0
Redhat Fedora Core	=core_5.0
Redhat Fedora Core	=core6
Redhat Linux Advanced Workstation	=2.1
Rpath Linux	=1
Slackware Slackware Linux	=11.0
Ubuntu Ubuntu Linux	=5.10
Ubuntu Ubuntu Linux	=6.06

Never miss a vulnerability like this again

Reference Links

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/last-modified-date
agent/author
agent/weakness
agent/first-publish-date
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
agent/softwarecombine
agent/tags
agent/source
vendor/gnu
canonical/gnu privacy guard
version/gnu privacy guard/1.2.4
version/gnu privacy guard/1.2.5
version/gnu privacy guard/1.2.6
version/gnu privacy guard/1.2.7
version/gnu privacy guard/1.3.3
version/gnu privacy guard/1.3.4
version/gnu privacy guard/1.4
version/gnu privacy guard/1.4.1
version/gnu privacy guard/1.4.2
version/gnu privacy guard/1.4.2.1
version/gnu privacy guard/1.4.2.2
version/gnu privacy guard/1.4.3
version/gnu privacy guard/1.4.4
version/gnu privacy guard/1.4.5
version/gnu privacy guard/1.9.10
version/gnu privacy guard/1.9.15
version/gnu privacy guard/1.9.20
version/gnu privacy guard/2.0
version/gnu privacy guard/2.0.1
vendor/gpg4win
canonical/gpg4win gpg4win
version/gpg4win gpg4win/1.0.7
vendor/redhat
canonical/red hat enterprise linux
version/red hat enterprise linux/4.0
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/3.0
version/redhat enterprise linux desktop/4.0
canonical/redhat fedora core
version/redhat fedora core/core_5.0
version/redhat fedora core/core6
canonical/redhat linux advanced workstation
version/redhat linux advanced workstation/2.1
vendor/rpath
canonical/rpath linux
version/rpath linux/1
vendor/slackware
canonical/slackware slackware linux
version/slackware slackware linux/11.0
vendor/ubuntu
canonical/ubuntu ubuntu linux
version/ubuntu ubuntu linux/5.10
version/ubuntu ubuntu linux/6.06

CVE-2006-6235

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact