• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

GnuPG Duplicated Key Import Memory Corruption Vulnerability

GnuPG is prone to a memory-corruption vulnerability.

Exploiting this issue may allow remote attackers to crash the affected application. Attackers may also be able to execute arbitrary code in the context of the application, but this has not been confirmed.

GnuPG 1.4.8 and 2.0.8 are vulnerable to this issue; previous versions may also be affected.