gzexe in gzip 1.3.3 and previous versions will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gzip |