Vulnerabilities

CVE-2010-0001

by Fred · 29/01/2010

Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.

Date published : 2010-01-29

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://git.savannah.gnu.org/cgit/gzip.git/commit/?id=a3db5806d012082b9e25cc36d09f19cd736a468f

Similar

Tags: Cybersecurity Alert