Integer Underflow Vulnerability in Gzip Affecting Various Platforms
CVE-2010-0001
Currently unrated
Summary
An integer underflow issue exists in the unlzw function in gzipped files prior to version 1.4, particularly affecting 64-bit platforms. This flaw allows an attacker to craft specific LZW-compressed archives that may lead to an application crash or potentially permit the execution of arbitrary code. This vulnerability can compromise application stability and security, making it crucial for users to update their gzip versions and verify file integrity.
References
EPSS Score
12% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved