Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 6cd8a2930df850f4600fe8c57d0662b376520281 |