2 matches found
CVE-2006-6169
Heap-based buffer overflow in the askoutfilename function in openfile.c for GnuPG gpg 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the makeprintablestring function to return a longer string than...
GnuPG Make_Printable_String远程缓冲区溢出漏洞
GnuPG是一款开放源代码的加解密程序。 GnuPG存在一个缓冲区溢出问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于makeprintablestring函数中,会返回一个超过NAMELEN长度的字符串,可导致缓冲区溢出。不过此漏洞需要交互模式才能利用,攻击者代码必须使makeprintablestring插入额外字符C-转义序列来触发。 GNU GNU Privacy Guard 2.0 GNU GNU Privacy Guard 1.4.5 GNU GNU Privacy Guard 1.4.4 GNU GNU Privacy Guard 1.4.3 GNU...