Lucene search

K
ubuntucveUbuntu.comUB:CVE-2006-6169
HistoryNov 29, 2006 - 12:00 a.m.

CVE-2006-6169

2006-11-2900:00:00
ubuntu.com
ubuntu.com
5

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.8%

Heap-based buffer overflow in the ask_outfile_name function in openfile.c
for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow
attackers to execute arbitrary code via messages with “C-escape”
expansions, which cause the make_printable_string function to return a
longer string than expected while constructing a prompt.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchgnupg< 1.4.2.2-1ubuntu2.5UNKNOWN
ubuntu6.10noarchgnupg< 1.4.3-2ubuntu3.3UNKNOWN
ubuntu7.04noarchgnupg< 1.4.6-1ubuntu2UNKNOWN
ubuntu7.10noarchgnupg< 1.4.6-1ubuntu2UNKNOWN
ubuntu8.04noarchgnupg< 1.4.6-1ubuntu2UNKNOWN
ubuntu8.10noarchgnupg< 1.4.6-1ubuntu2UNKNOWN
ubuntu9.04noarchgnupg< 1.4.6-1ubuntu2UNKNOWN
ubuntu9.10noarchgnupg< 1.4.6-1ubuntu2UNKNOWN
ubuntu6.10noarchgnupg2< 1.9.21-0ubuntu5.3UNKNOWN
ubuntu7.04noarchgnupg2< 2.0.3-1ubuntu1UNKNOWN

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.8%