Security Advisory

CVE-2006-6169

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-11-29 18:00:00

Last updated 2024-08-07 20:19:34

Assigner mitre

State PUBLISHED

Description

Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.

← Browse all CVEs View on cve.org ↗