CVE-2004-0797 — Zlib vulnerability

7 documents7 sources

Severity

2.1LOWNVD

EPSS

2.1%

top 15.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zlib Debian Zlib

Timeline

PublishedOct 20

Latest updateMay 3

Description

The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash).

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/zlib< zlib 1:1.2.1.1-6 (bookworm)

▶Debianzlib/zlib< 1:1.2.1.1-6+3

▶NVDzlib/zlib1.2.1

🔴Vulnerability Details

GHSA

GHSA-r2r9-xr4w-r49c: The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1↗2022-05-03

▶

OSV

CVE-2004-0797: The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1↗2004-10-20

▶

CVEList

CVE-2004-0797: The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1↗2004-09-14

▶

💥Exploits & PoCs

Exploit-DB

Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - '/bin/login' Remote Buffer Overflow↗2004-12-24

▶

📋Vendor Advisories

Debian

CVE-2004-0797: zlib - The error handling in the (1) inflate and (2) inflateBack functions in ZLib comp...↗2004

▶