Computer Security
[EN] securityvulns.ru no-pyccku


gzip integer overflow
Published:21.01.2010
Source:
SecurityVulns ID:10544
Type:library
Threat Level:
7/10
Description:Integer overflow on LZW decompression.
Affected:gzip : gzip 1.3
CVE:CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:019 ] gzip (21.01.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod