gnupg
Page content
- Author: voroskoi
- Vulnerable: 1.4.5-2siwenna1
- Unaffected: 1.4.5-3siwenna1
Tavis Ormandy has reported a vulnerability in GnuPG, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error within the decryption of malformed OpenPGP messages. This can be exploited to corrupt memory when decrypting a specially crafted OpenPGP message. Successful exploitation allows execution of arbitrary code.
- Bug Tracker URL: http://bugs.frugalware.org/task/1512