6.1 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.013 Low
EPSS
Percentile
86.0%
Package : gnupg2
Version : 2.0.14-2+squeeze3
CVE ID : CVE-2014-4617
Debian Bug : 752498
Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
GnuPG, the GNU Privacy Guard, did not properly parse certain garbled
compressed data packets. A remote attacker could use this flaw to mount
a denial of service against GnuPG by triggering an infinite loop.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | gpgsm | < 2.0.14-2+squeeze2 | gpgsm_2.0.14-2+squeeze2_all.deb |
Debian | 6 | all | gnupg2 | < 2.0.14-2+squeeze2 | gnupg2_2.0.14-2+squeeze2_all.deb |
Debian | 6 | all | gnupg-agent | < 2.0.14-2+squeeze2 | gnupg-agent_2.0.14-2+squeeze2_all.deb |