New Search

parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20 and earlier versions allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string) which could lead to an integer overflow as demonstrated using the --no-armor option.

oval:org.mitre.oval:def:10089

parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20 and earlier versions allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string) which could lead to an integer overflow as demonstrated using the --no-armor option.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-3082
Product(s):