Arbitrary Code Execution Vulnerability in gzip Libraries for Microsoft Windows
CVE-2009-1216

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Vista
Windows Services For Unix
Subsystem For Unix-based Applications
Windows Server 2008
Vendor
CVE Published:
1 April 2009

What is CVE-2009-1216?

Multiple vulnerabilities exist in the gzip libraries included with Microsoft Windows products, specifically in the files unlzh.c and unpack.c. These vulnerabilities may allow a remote attacker to execute arbitrary code on affected systems. The flaws are found in various versions of Windows Server 2008, Windows Services for UNIX, and the Subsystem for UNIX-based Applications, as well as in specific releases of the gunzip, gzip, and unpack applications prior to their respective updates. Exploiting these vulnerabilities could give attackers the capability to compromise the affected systems through various unknown vectors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2009/0849
vdb-entryx_refsource_VUPEN
http://securitytracker.com/id?1021937
vdb-entryx_refsource_SECTRACK
http://support.microsoft.com/kb/953602
vendor-advisoryx_refsource_MSKB

EPSS Score

42% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.