Oval Definition:	oval:org.mitre.oval:tst:32348
Comment: gnupg is earlier than 0:1.2.1-19 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:13847 State: oval:org.mitre.oval:ste:10109 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:11228 V Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt. 2013-04-29 oval:org.mitre.oval:def:11245 V A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. 2013-04-29
BACK