Back to search
CVE-2010-0001
Published: Jan 29, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
38220
third-party-advisory
x_refsource_SECUNIA
40655
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT4435
x_refsource_CONFIRM
ADV-2010-0185
vdb-entry
x_refsource_VUPEN
http://ncompress.sourceforge.net/#status
x_refsource_CONFIRM
SSRT100018
vendor-advisory
x_refsource_HP
USN-889-1
vendor-advisory
x_refsource_UBUNTU
oval:org.mitre.oval:def:10546
vdb-entry
signature
x_refsource_OVAL
1023490
vdb-entry
x_refsource_SECTRACK
ADV-2010-1872
vdb-entry
x_refsource_VUPEN
HPSBMA02554
vendor-advisory
x_refsource_HP
https://bugzilla.redhat.com/show_bug.cgi?id=554418
x_refsource_CONFIRM
APPLE-SA-2010-11-10-1
vendor-advisory
x_refsource_APPLE
DSA-1974
vendor-advisory
x_refsource_DEBIAN
MDVSA-2010:020
vendor-advisory
x_refsource_MANDRIVA
40689
third-party-advisory
x_refsource_SECUNIA
40551
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:7511
vdb-entry
signature
x_refsource_OVAL
38223
third-party-advisory
x_refsource_SECUNIA
http://savannah.gnu.org/forum/forum.php?forum_id=6153
x_refsource_CONFIRM
DSA-2074
vendor-advisory
x_refsource_DEBIAN
ADV-2010-1796
vdb-entry
x_refsource_VUPEN
RHSA-2010:0061
vendor-advisory
x_refsource_REDHAT
RHSA-2010:0095
vendor-advisory
x_refsource_REDHAT
MDVSA-2010:019
vendor-advisory
x_refsource_MANDRIVA
MDVSA-2011:152
vendor-advisory
x_refsource_MANDRIVA
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
x_refsource_CONFIRM
38225
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2010:008
vendor-advisory
x_refsource_SUSE
38232
third-party-advisory
x_refsource_SECUNIA
61869
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now