|
|
Subscribe / Log in / New account

gnupg: code execution

Package(s):gnupg CVE #(s):
Created:December 6, 2010 Updated:December 10, 2010
Description: From the rPath advisory:

A use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG could allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by tricking a user into importing a certificate with a large number of Subject Alternate Names.

Alerts:
rPath rPSA-2010-0076-1 gnupg 2010-12-06
to post comments

gnupg: code execution CVE number

Posted Dec 10, 2010 9:04 UTC (Fri) by tomj (subscriber, #63242) [Link]

This is the old CVE-2010-2547 (you can see the CVE number if you follow the link to the rpath bugtracker).

Link to same issue:
https://bugzilla.redhat.com/show_bug.cgi?id=618156


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds