A “stack overwrite” vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc
lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html
lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html
secunia.com/advisories/23245
secunia.com/advisories/23250
secunia.com/advisories/23255
secunia.com/advisories/23259
secunia.com/advisories/23269
secunia.com/advisories/23284
secunia.com/advisories/23290
secunia.com/advisories/23299
secunia.com/advisories/23303
secunia.com/advisories/23329
secunia.com/advisories/23335
secunia.com/advisories/23513
secunia.com/advisories/24047
security.gentoo.org/glsa/glsa-200612-03.xml
securitytracker.com/id?1017349
support.avaya.com/elmodocs2/security/ASA-2007-047.htm
www.debian.org/security/2006/dsa-1231
www.kb.cert.org/vuls/id/427009
www.mandriva.com/security/advisories?name=MDKSA-2006:228
www.novell.com/linux/security/advisories/2006_28_sr.html
www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html
www.redhat.com/support/errata/RHSA-2006-0754.html
www.securityfocus.com/archive/1/453664/100/0/threaded
www.securityfocus.com/archive/1/453723/100/0/threaded
www.securityfocus.com/bid/21462
www.trustix.org/errata/2006/0070
www.ubuntu.com/usn/usn-393-1
www.ubuntu.com/usn/usn-393-2
www.vupen.com/english/advisories/2006/4881
exchange.xforce.ibmcloud.com/vulnerabilities/30711
issues.rpath.com/browse/RPL-835
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245