gnupg vulnerability

ID USN-304-1
Type ubuntu
Reporter Ubuntu
Modified 2006-06-27T00:00:00


Evgeny Legerov discovered that GnuPG did not sufficiently check overly large user ID packets. Specially crafted user IDs caused a buffer overflow. By tricking an user or remote automated system into processing a malicous GnuPG message, an attacker could exploit this to crash GnuPG or possibly even execute arbitrary code.