8 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...
EUVD-2012-5956
Malware in sbrugna...
Denial Of Service (DoS)
gnupg2 is vulnerable to denial of service DoS attacks. The vulnerability exists as the readblock function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service...
F5 BIG-IP - GnuPG vulnerability CVE-2012-6085
The remote host is missing a security patch. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...
Design/Logic Flaw
The readblock function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service application crash via a crafted length field of an OpenPGP packet...
CVE-2012-6085
The readblock function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service application crash via a crafted length field of an OpenPGP packet...
PT-2013-1172 · Gnu +3 · Gnupg +3
Name of the Vulnerable Software and Affected Versions: GnuPG versions 1.4.x through 1.4.12 GnuPG versions 2.0.x through 2.0.19 gnupg2 versions 2.0.10 through 2.0.14 Description: The issue affects the integrity and availability of protected information. Exploitation of the vulnerabilities can be...
CVE-2012-6085
The readblock function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service application crash via a crafted length field of an OpenPGP packet...