CVE-2005-0758

Currently unrated

Key Information:

Vendor: Gnu
Status: Gzip
Vendor: CVE Published:; 13 May 2005

Summary

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

References

http://www.ubuntu.com/usn/usn-158-1

vendor-advisoryx_refsource_UBUNTU

http://www.osvdb.org/16371

vdb-entryx_refsource_OSVDB

http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2...

vendor-advisoryx_refsource_FEDORA

Timeline

Vulnerability published
May 13, 2005
Vulnerability Reserved
Mar 17, 2005