Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-4617
Description:The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
Test IDs: 1.3.6.1.4.1.25623.1.0.702967   1.3.6.1.4.1.25623.1.0.841877   1.3.6.1.4.1.25623.1.0.702968   1.3.6.1.4.1.25623.1.0.867925   1.3.6.1.4.1.25623.1.0.869282   1.3.6.1.4.1.25623.1.0.120582   1.3.6.1.4.1.25623.1.0.120583   1.3.6.1.4.1.25623.1.0.121243   1.3.6.1.4.1.25623.1.1.2.2020.1232   1.3.6.1.4.1.25623.1.1.4.2014.0896.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-4617
Debian Security Information: DSA-2967 (Google Search)
http://www.debian.org/security/2014/dsa-2967
Debian Security Information: DSA-2968 (Google Search)
http://www.debian.org/security/2014/dsa-2968
http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000344.html
http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html
http://secunia.com/advisories/59213
http://secunia.com/advisories/59351
http://secunia.com/advisories/59534
http://secunia.com/advisories/59578
SuSE Security Announcement: openSUSE-SU-2014:0866 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-07/msg00010.html
http://www.ubuntu.com/usn/USN-2258-1




© 1998-2024 E-Soft Inc. All rights reserved.