Integer Underflow Vulnerability in Gzip Affecting Various Platforms
CVE-2010-0001

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
29 January 2010

Summary

An integer underflow issue exists in the unlzw function in gzipped files prior to version 1.4, particularly affecting 64-bit platforms. This flaw allows an attacker to craft specific LZW-compressed archives that may lead to an application crash or potentially permit the execution of arbitrary code. This vulnerability can compromise application stability and security, making it crucial for users to update their gzip versions and verify file integrity.

References

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.