Unrated severityNVD Advisory· Published Dec 7, 2006· Updated Jun 16, 2026
CVE-2006-6235
CVE-2006-6235
Description
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.9.20:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
Patches
Vulnerability mechanics
References
35- secunia.com/advisories/23245nvdPatchVendor Advisory
- secunia.com/advisories/23250nvdPatchVendor Advisory
- secunia.com/advisories/23255nvdPatchVendor Advisory
- secunia.com/advisories/23269nvdPatchVendor Advisory
- www.ubuntu.com/usn/usn-393-1nvdPatch
- www.redhat.com/support/errata/RHSA-2006-0754.htmlnvdVendor Advisory
- www.securityfocus.com/bid/21462nvdVendor Advisory
- www.kb.cert.org/vuls/id/427009nvdUS Government Resource
- patches.sgi.com/support/free/security/advisories/20061201-01-P.ascnvd
- lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.htmlnvd
- lists.suse.com/archive/suse-security-announce/2006-Dec/0004.htmlnvd
- secunia.com/advisories/23259nvd
- secunia.com/advisories/23284nvd
- secunia.com/advisories/23290nvd
- secunia.com/advisories/23299nvd
- secunia.com/advisories/23303nvd
- secunia.com/advisories/23329nvd
- secunia.com/advisories/23335nvd
- secunia.com/advisories/23513nvd
- secunia.com/advisories/24047nvd
- security.gentoo.org/glsa/glsa-200612-03.xmlnvd
- securitytracker.com/idnvd
- support.avaya.com/elmodocs2/security/ASA-2007-047.htmnvd
- www.debian.org/security/2006/dsa-1231nvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_28_sr.htmlnvd
- www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.htmlnvd
- www.securityfocus.com/archive/1/453664/100/0/threadednvd
- www.securityfocus.com/archive/1/453723/100/0/threadednvd
- www.trustix.org/errata/2006/0070nvd
- www.ubuntu.com/usn/usn-393-2nvd
- www.vupen.com/english/advisories/2006/4881nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30711nvd
- issues.rpath.com/browse/RPL-835nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245nvd
News mentions
0No linked articles in our index yet.