Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
Max CVSS
6.8
EPSS Score
2.39%
Published
2006-11-29
Updated
2018-10-17
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
Max CVSS
5.0
EPSS Score
89.60%
Published
2006-07-28
Updated
2018-10-17
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
Max CVSS
5.0
EPSS Score
60.26%
Published
2006-06-19
Updated
2018-10-18
3 vulnerabilities found