{"id":"CVE-2006-6235","details":"A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.","modified":"2026-04-10T03:37:52.429940Z","published":"2006-12-07T11:28:00Z","references":[{"type":"ADVISORY","url":"ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23245"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23250"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23255"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23259"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23269"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23284"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23290"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23299"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23303"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23329"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23335"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23513"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24047"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200612-03.xml"},{"type":"ADVISORY","url":"http://www.debian.org/security/2006/dsa-1231"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2006_28_sr.html"},{"type":"ADVISORY","url":"http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2006-0754.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/21462"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-393-2"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/4881"},{"type":"FIX","url":"http://secunia.com/advisories/23245"},{"type":"FIX","url":"http://secunia.com/advisories/23250"},{"type":"FIX","url":"http://secunia.com/advisories/23255"},{"type":"FIX","url":"http://secunia.com/advisories/23269"},{"type":"FIX","url":"http://www.ubuntu.com/usn/usn-393-1"},{"type":"WEB","url":"http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"},{"type":"WEB","url":"http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"},{"type":"WEB","url":"http://securitytracker.com/id?1017349"},{"type":"WEB","url":"http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"},{"type":"WEB","url":"http://www.kb.cert.org/vuls/id/427009"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/453664/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/453723/100/0/threaded"},{"type":"WEB","url":"http://www.trustix.org/errata/2006/0070"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"},{"type":"WEB","url":"https://issues.rpath.com/browse/RPL-835"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"}],"schema_version":"1.7.5"}