Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 02:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error. |
02 Feb 2023, 17:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2010-0001 gzip: (64 bit) Integer underflow by decompressing LZW format files |
Information
Published : 2010-01-29 18:30
Updated : 2023-12-10 11:03
NVD link : CVE-2010-0001
Mitre link : CVE-2010-0001
CVE.ORG link : CVE-2010-0001
JSON object : View
Products Affected
gnu
- gzip
CWE
CWE-189
Numeric Errors