Vulnerability CVE-2002-0059


Published: 2002-03-15   Modified: 2012-02-12

Description:
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.

Type:

CWE-Other

Vendor: GNU
Product: ZLIB 
Version:
1.1.3
1.1.2
1.1.1
1.1
1.0.9
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-015.1.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000469
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:022
http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt
http://www.cert.org/advisories/CA-2002-07.html
http://www.debian.org/security/2002/dsa-122
http://www.kb.cert.org/vuls/id/368819
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-023.php
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3
http://www.redhat.com/support/errata/RHSA-2002-026.html
http://www.redhat.com/support/errata/RHSA-2002-027.html
http://www.securityfocus.com/bid/4267
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0204-030
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0204-036
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0204-037
https://exchange.xforce.ibmcloud.com/vulnerabilities/8427

Related CVE
CVE-2012-6711
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to p...
CVE-2018-12886
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack ...
CVE-2019-5953
Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.
CVE-2019-11640
An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function rec_fex_parse_str_simple at rec-fex.c in librec.a.
CVE-2019-11639
An issue was discovered in GNU recutils 1.8. There is a stack-based buffer overflow in the function rec_type_check_enum at rec-types.c in librec.a.
CVE-2019-11638
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a, leading to a crash.
CVE-2019-11637
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash.
CVE-2006-7254
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.

Copyright 2019, cxsecurity.com

 

Back to Top