CVE-2001-1228

3 documents3 sources

Severity

7.5HIGH

EPSS

1.3%

top 20.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Gzip

Timeline

PublishedNov 18

Latest updateMay 3

Description

Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDgnu/gzip1.2.4, 1.2.4a, 1.3+2

Patches

Patch: online.securityfocus.com ↗Patch: online.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-8c56-qq4x-f422: Buffer overflows in gzip 1↗2022-05-03

▶

CVEList

CVE-2001-1228: Buffer overflows in gzip 1↗2002-04-12

▶