Detections
Analytics

CVE-2006-6235

critical

Description

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245

https://issues.rpath.com/browse/RPL-835

https://exchange.xforce.ibmcloud.com/vulnerabilities/30711

http://www.vupen.com/english/advisories/2006/4881

http://www.ubuntu.com/usn/usn-393-2

http://www.ubuntu.com/usn/usn-393-1

http://www.trustix.org/errata/2006/0070

http://www.securityfocus.com/bid/21462

http://www.securityfocus.com/archive/1/453723/100/0/threaded

http://www.securityfocus.com/archive/1/453664/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2006-0754.html

http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html

http://www.novell.com/linux/security/advisories/2006_28_sr.html

http://www.mandriva.com/security/advisories?name=MDKSA-2006:228

http://www.kb.cert.org/vuls/id/427009

http://www.debian.org/security/2006/dsa-1231

http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm

http://securitytracker.com/id?1017349

http://security.gentoo.org/glsa/glsa-200612-03.xml

http://secunia.com/advisories/24047

http://secunia.com/advisories/23513

http://secunia.com/advisories/23335

http://secunia.com/advisories/23329

http://secunia.com/advisories/23303

http://secunia.com/advisories/23299

http://secunia.com/advisories/23290

http://secunia.com/advisories/23284

http://secunia.com/advisories/23269

http://secunia.com/advisories/23259

http://secunia.com/advisories/23255

http://secunia.com/advisories/23250

http://secunia.com/advisories/23245

http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html

http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html

Details

Source: Mitre, NVD

Published: 2006-12-07

Updated: 2018-10-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical