CVE-2004-0603

Currently unrated

Key Information:

Vendor: Gnu
Status: Gzip
Vendor: CVE Published:; 6 December 2004

Summary

gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.

References

http://bugs.gentoo.org/show_bug.cgi?id=54890

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/16506

vdb-entryx_refsource_XF

http://security.gentoo.org/glsa/glsa-200406-18.xml

vendor-advisoryx_refsource_GENTOO

Timeline

Vulnerability published
Dec 6, 2004
Vulnerability Reserved
Jun 29, 2004