Security Advisory

CVE-2010-2547

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-08-05 18:00:00

Last updated 2024-08-07 02:39:37

Assigner redhat

State PUBLISHED

Description

Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.

← Browse all CVEs View on cve.org ↗