I am normally just a lurker here, but I thought the LANGSEC folks would get a kick out of CVE-2014-4617 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4617), which allows a remote attacker to throw even the venerable GnuPG into an infinite loop using carefully crafted input.
Cheers, BW -- Brian M. Waters Burlington, Vermont, USA +1 (908) 380-8214 br...@brianmwaters.net https://brianmwaters.net/
signature.asc
Description: PGP signature
_______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
