CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

Published: Dec 7, 2006
Updated: Nov 9, 2025
CVE: CVE-2006-6235
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
gnu / privacy_guard	2.0.1	2.0.1.x
gnu / privacy_guard	1.4.2	1.4.2.x
gnu / privacy_guard	1.4	1.4.x
gnu / privacy_guard	1.4.5	1.4.5.x
gnu / privacy_guard	1.4.1	1.4.1.x
gpg4win / gpg4win	1.0.7	1.0.7.x
gnu / privacy_guard	1.9.20	1.9.20.x
gnu / privacy_guard	2.0	2.0.x
gnu / privacy_guard	1.3.3	1.3.3.x
gnu / privacy_guard	1.4.2.1	1.4.2.1.x
gnu / privacy_guard	1.4.3	1.4.3.x
gnu / privacy_guard	1.2.6	1.2.6.x
gnu / privacy_guard	1.2.5	1.2.5.x
gnu / privacy_guard	1.3.4	1.3.4.x
gnu / privacy_guard	1.9.15	1.9.15.x
gnu / privacy_guard	1.9.10	1.9.10.x
gnu / privacy_guard	1.4.4	1.4.4.x
gnu / privacy_guard	1.4.2.2	1.4.2.2.x
gnu / privacy_guard	1.2.7	1.2.7.x
gnu / privacy_guard	1.2.4	1.2.4.x
ubuntu / ubuntu_linux	5.10	5.10.x
redhat / enterprise_linux	4.0	4.0.x
redhat / enterprise_linux_desktop	3.0	3.0.x
redhat / fedora_core	core_5.0	core_5.0.x
rpath / linux	1	1.x
redhat / linux_advanced_workstation	2.1	2.1.x
redhat / fedora_core	core6	core6.x
redhat / enterprise_linux_desktop	4.0	4.0.x
ubuntu / ubuntu_linux	6.06	6.06.x
slackware / slackware_linux	11.0	11.0.x

Vulnerability Database

300,214

CVE-2006-6235

Deep Security Visibility Without the Complexity