NVD

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( Dot gov ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:gnu:gzip:1.3.9:*:*:*:*:*:*:*
CPE Name Search: true

There are 2 matching records.

Displaying matches 1 through 2.

Vuln ID	Summary	CVSS Severity
CVE-2010-0001	Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error. Published: January 29, 2010; 1:30:00 PM -0500	V3.x:(not available) V2.0: 6.8 MEDIUM
CVE-2009-2624	The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression. Published: January 29, 2010; 1:30:00 PM -0500	V3.x:(not available) V2.0: 6.8 MEDIUM

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Search Results (Refine Search)