CVE Vulnerabilities

CVE-2008-1530

Published: Mar 27, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers memory corruption around deduplication of user IDs.

Affected Software

Name Vendor Start Version End Version
Gnupg Gnupg 1.4.8 1.4.8
Gnupg Gnupg 2.0.8 2.0.8

References