Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gzip vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2004-0603
gzexe in gzip 1.3.3 and previous versions will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
Gnu Gzip
7.5
CVSSv2
CVE-2006-4335
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archiv...
Gzip Gzip 1.3.5
7.5
CVSSv2
CVE-2006-4336
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent malicious users to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
Gzip Gzip 1.3.5
7.5
CVSSv2
CVE-2006-4337
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent malicious users to execute arbitrary code via a crafted decoding table in a GZIP archive.
Gzip Gzip 1.3.5
7.5
CVSSv2
CVE-2001-1228
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow malicious users to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
Gnu Gzip 1.3
Gnu Gzip 1.2.4a
Gnu Gzip 1.2.4
1 Github repository
7.2
CVSSv2
CVE-2002-1245
Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.
Frank Mcingvale Luxman 0.41
6.8
CVSSv2
CVE-2010-0001
Integer underflow in the unlzw function in unlzw.c in gzip prior to 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses...
Gnu Gzip
Gnu Gzip 1.3.12
Gnu Gzip 1.3.1
Gnu Gzip 1.3.8
Gnu Gzip 1.3
Gnu Gzip 1.3.3
Gnu Gzip 1.3.11
Gnu Gzip 1.3.6
Gnu Gzip 1.3.2
Gnu Gzip 1.2.4
Gnu Gzip 1.3.10
Gnu Gzip 1.3.5
Gnu Gzip 1.3.7
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.9
Gnu Gzip 1.3.4
6.8
CVSSv2
CVE-2009-2624
The huft_build function in inflate.c in gzip prior to 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote malicious users to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE...
Gnu Gzip 1.3.6
Gnu Gzip 1.3.5
Gnu Gzip
Gnu Gzip 1.3.10
Gnu Gzip 1.3
Gnu Gzip 1.3.2
Gnu Gzip 1.3.1
Gnu Gzip 1.3.9
Gnu Gzip 1.3.8
Gnu Gzip 1.3.7
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.11
Gnu Gzip 1.3.4
Gnu Gzip 1.3.3
5
CVSSv2
CVE-2006-4334
Unspecified vulnerability in gzip 1.3.5 allows context-dependent malicious users to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.
Gzip Gzip 1.3.5
5
CVSSv2
CVE-2006-4338
unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent malicious users to cause a denial of service (infinite loop) via a crafted GZIP archive.
Gzip Gzip 1.3.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »