Double free() in zlib updated since 12.03.2002
Published:		19.10.2007
Source:		BUGTRAQ
SecurityVulns ID:		1857
Type:		library
Level:		8/10
Description:		Double free() call on same memory chunk causes heap corruption with potential code execution.

Affected:		XFREE : XFree86 4.0
		DUMP : dump 0.4
		VNC : VNC 3.3
		LINUX : kernel 2.2
		RSYNC : rsync 2.4
		CVS : cvs 1.11
		ZLIB : zlib 1.1
		RMT : rmt 0.4
		GNU : gcc 3.0
		XFREE : XFree86 3.3
		PPP : ppp 2.4
		CHROMIUM : chromium 0.3
		RRDTOOL : rrdtool 1.0
		CISCO : Cache Software 3.1
		CISCO : IDS-4210
		CISCO : IDS-4220
		CISCO : IDS-4230
		CISCO : Metro 1500 DWDM
		CISCO : HSE 1.0
		CISCO : HSE 1.3
		CISCO : ME1100
		BITDEFENDER : BitDefender 10

Original document		Stefan Kanthak, Softwin's anti-virus BitDefender contains vulnerable zlib (CA-2007-07) (19.10.2007)
		CISCO, Security Advisory: Vulnerability in zlib library (04.04.2002)
		CERT, Advisory CA-2002-07 Double Free Bug in zlib Compression Library (13.03.2002)
		Jean-loup Gailly, security problem fixed in zlib 1.1.4 (12.03.2002)

Discuss:

Read or add your comments to this news (0 comments)