CVE-2010-2547 (retired)

Priority
Description
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x
through 2.0.16 allows remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via a certificate with a large number
of Subject Alternate Names, which is not properly handled in a realloc
operation when importing the certificate or verifying its signature.
Assigned-to
mdeslaur
More Information

Updated: 2019-03-26 11:52:22 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)