CVE-2006-6169 : Detail

CVE-2006-6169

2.93%V3
Network
2006-11-29
17h00 +00:00
2018-10-17
18h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Gnupg>>Gnupg >> Version 1.4

    Gnupg>>Gnupg >> Version 2.0

    References

    http://secunia.com/advisories/23110
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/23269
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/23303
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/23513
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/23284
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/23146
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/23171
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-393-2
    Tags : vendor-advisory, x_refsource_UBUNTU
    http://www.redhat.com/support/errata/RHSA-2006-0754.html
    Tags : vendor-advisory, x_refsource_REDHAT
    http://www.trustix.org/errata/2006/0068/
    Tags : vendor-advisory, x_refsource_TRUSTIX
    http://securityreason.com/securityalert/1927
    Tags : third-party-advisory, x_refsource_SREASON
    http://www.debian.org/security/2006/dsa-1231
    Tags : vendor-advisory, x_refsource_DEBIAN
    http://secunia.com/advisories/23299
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-389-1
    Tags : vendor-advisory, x_refsource_UBUNTU
    http://securitytracker.com/id?1017291
    Tags : vdb-entry, x_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200612-03.xml
    Tags : vendor-advisory, x_refsource_GENTOO
    http://secunia.com/advisories/23094
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://www.securityfocus.com/bid/21306
    Tags : vdb-entry, x_refsource_BID
    http://www.vupen.com/english/advisories/2006/4736
    Tags : vdb-entry, x_refsource_VUPEN
    http://secunia.com/advisories/23250
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://secunia.com/advisories/23161
    Tags : third-party-advisory, x_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=MDKSA-2006:221
    Tags : vendor-advisory, x_refsource_MANDRIVA
    http://secunia.com/advisories/24047
    Tags : third-party-advisory, x_refsource_SECUNIA