5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
GnuPG, the GNU Privacy Guard, did not properly parse certain garbled
compressed data packets. A remote attacker could use this flaw to mount
a denial of service against GnuPG by triggering an infinite loop.
For Debian 6 Squeeze, these issues have been fixed in gnupg2 version 2.0.14-2+squeeze3
CPE | Name | Operator | Version |
---|---|---|---|
gnupg2 | eq | 2.0.14-2+squeeze1 | |
gnupg2 | eq | 2.0.14-2 |