| ID |
CVE-2003-0107
|
| Summary |
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 7.5 (as of 22-06-2022 - 16:40) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| redhat
via4
|
|
| refmap
via4
|
| bid | 6913 | | bugtraq | - 20030222 buffer overrun in zlib 1.1.4
- 20030223 poc zlib sploit just for fun :)
- 20030224 Re: buffer overrun in zlib 1.1.4
- 20030225 [sorcerer-spells] ZLIB-SORCERER2003-02-25
| | caldera | CSSA-2003-011.0 | | cert-vn | VU#142121 | | conectiva | CLSA-2003:619 | | confirm | http://lists.apple.com/mhonarc/security-announce/msg00038.html | | gentoo | GLSA-200303-25 | | jvn | JVN#78689801 | | jvndb | JVNDB-2015-000066 | | mandrake | MDKSA-2003:033 | | netbsd | NetBSD-SA2003-004 | | osvdb | 6599 | | sunalert | 57405 | | xf | zlib-gzprintf-bo(11381) |
|
| Last major update |
22-06-2022 - 16:40 |
| Published |
07-03-2003 - 05:00 |
| Last modified |
22-06-2022 - 16:40 |
