gnupg
Page content
- Author: voroskoi
- Vulnerable: 1.4.5-1
- Unaffected: 1.4.5-2siwenna1
Hugh Warrington has reported a vulnerability in GnuPG, which potentially can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error in the “ask_outfile_name()” function in openfile.c, because the “make_printable_string()” function can return a string longer than the expected “NAMELEN”. This can be exploited to cause a buffer overflow by e.g. tricking a user into processing a specially crafted file using the interactive mode. Successful exploitation may allow the execution of arbitrary code, but requires that the interactive mode is used. Applications using the batch mode (e.g. most e-mail clients) are not affected.
- Bug Tracker URL: http://bugs.frugalware.org/task/1497