← back
CVE-2006-4335

CVE-2006-4335

EPSS 5.5%
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.aschttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676http://docs.info.apple.com/article.html?artnum=304829http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.htmlhttp://secunia.com/advisories/21996http://secunia.com/advisories/22002http://secunia.com/advisories/22009http://secunia.com/advisories/22012http://secunia.com/advisories/22017http://secunia.com/advisories/22027http://secunia.com/advisories/22033http://secunia.com/advisories/22034