CVE-2006-6235

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2006-6235

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-6235.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2006-6235

Downstream

DEBIAN-CVE-2006-6235

DSA-1231-1

RHSA-2006:0754

Published

2006-12-07T11:28:00Z

Modified

2025-08-09T19:01:27Z

Summary

[none]

Details

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

References

ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc
http://secunia.com/advisories/23245
http://secunia.com/advisories/23250
http://secunia.com/advisories/23255
http://secunia.com/advisories/23259
http://secunia.com/advisories/23269
http://secunia.com/advisories/23284
http://secunia.com/advisories/23290
http://secunia.com/advisories/23299
http://secunia.com/advisories/23303
http://secunia.com/advisories/23329
http://secunia.com/advisories/23335
http://secunia.com/advisories/23513
http://secunia.com/advisories/24047
http://security.gentoo.org/glsa/glsa-200612-03.xml
http://www.debian.org/security/2006/dsa-1231
http://www.mandriva.com/security/advisories?name=MDKSA-2006:228
http://www.novell.com/linux/security/advisories/2006_28_sr.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html
http://www.redhat.com/support/errata/RHSA-2006-0754.html
http://www.securityfocus.com/bid/21462
http://www.ubuntu.com/usn/usn-393-2
http://www.vupen.com/english/advisories/2006/4881
http://www.ubuntu.com/usn/usn-393-1
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html
http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html
http://securitytracker.com/id?1017349
http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm
http://www.kb.cert.org/vuls/id/427009
http://www.securityfocus.com/archive/1/453664/100/0/threaded
http://www.securityfocus.com/archive/1/453723/100/0/threaded
http://www.trustix.org/errata/2006/0070
https://exchange.xforce.ibmcloud.com/vulnerabilities/30711
https://issues.rpath.com/browse/RPL-835
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245

CVE-2006-6235

Affected packages