unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
Max CVSS
5.0
EPSS Score
6.51%
Published
2006-09-19
Updated
2018-10-17
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
Max CVSS
7.5
EPSS Score
3.77%
Published
2006-09-19
Updated
2018-10-17
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
Max CVSS
7.5
EPSS Score
3.11%
Published
2006-09-19
Updated
2018-10-17
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."
Max CVSS
7.5
EPSS Score
2.19%
Published
2006-09-19
Updated
2018-10-17
Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.
Max CVSS
5.0
EPSS Score
6.63%
Published
2006-09-19
Updated
2018-10-17
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!