CVE-2008-1530
- Source
- https://cve.org/CVERecord?id=CVE-2008-1530
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-1530.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2008-1530
- Downstream
- Related
- Published
- 2008-03-27T23:44:00Z
- Modified
- 2026-02-04T03:36:37.231806Z
- Summary
- [none]
- Details
-
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."
- References
-
- http://secunia.com/advisories/29568
- http://www.ocert.org/advisories/ocert-2008-1.html
- http://www.vupen.com/english/advisories/2008/1056/references
- http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000272.html
- http://www.securityfocus.com/bid/28487
- https://bugs.g10code.com/gnupg/issue894
- https://bugs.gentoo.org/show_bug.cgi?id=214990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41547