CVE-2006-4336
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
Date published : 2006-09-19
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html