CVE-2009-1216

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Vista; Windows Services For Unix; Subsystem For Unix-based Applications; Windows Server 2008
Vendor: CVE Published:; 1 April 2009

Summary

Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.

References

http://www.vupen.com/english/advisories/2009/0849

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1021937

vdb-entryx_refsource_SECTRACK

http://support.microsoft.com/kb/953602

vendor-advisoryx_refsource_MSKB

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 1, 2009
Vulnerability Reserved
Apr 1, 2009

Collectors

NVD DatabaseMitre Database