Description
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
CVSS vector
AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4
Affected Packages
3 packages
Vulnerability Details (3)
GHSA: GHSA-pqhm-g528-h5pg: Integer underflow in the unlzw function in unlzw (2022-05-02)
OSV: CVE-2010-0001: Integer underflow in the unlzw function in unlzw (2010-01-29)
CVEList: CVE-2010-0001: Integer underflow in the unlzw function in unlzw (2010-01-29)
Exploits & PoCs (1)
Nuclei: ListSERV Maestro <= 9.0-8 RCE
Vendor Advisories (3)
Ubuntu: gzip vulnerabilities (2010-01-20)
Red Hat: gzip: (64 bit) Integer underflow by decompressing LZW format files (2010-01-20)
Debian: CVE-2010-0001: busybox - Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit ... (2010)
Community (4)
Bugzilla: CVE-2010-3170 firefox/nss: doesn't handle IP-based wildcards in X509 certificates safely (2010-09-03)
Bugzilla: CVE-2010-5076 Qt: QSslSocket incorrect handling of IP wildcards in certificate Common Name (2010-09-03)
Bugzilla: CVE-2010-0441 Asterisk: Remote DoS via specially-crafted FaxMaxDatagram SDP packets (AST-2010-001) (2010-02-03)
Bugzilla: CVE-2010-0001 gzip: (64 bit) Integer underflow by decompressing LZW format files (2010-01-11)