44 matches found
DLA-39-1 gpgme1.0 - security update
Bulletin has no description...
PT-2014-5398 · Gnupg +3 · Gpgme +3
Name of the Vulnerable Software and Affected Versions: GPGME versions prior to 1.5.1 Description: The issue is related to multiple heap-based buffer overflows in the status handler function, specifically in the engine-gpgsm.c and engine-uiserver.c files. This can be exploited by remote attackers ...
UBUNTU-CVE-2014-3564
Multiple heap-based buffer overflows in the statushandler function in 1 engine-gpgsm.c and 2 engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."...
gpgme -- heap-based buffer overflow in gpgsm status handler
Tomas Trnka reports: Gpgme contains a buffer overflow in the gpgsm status handler that could possibly be exploited using a specially crafted certificate...