Max CVSS | 7.5 | Min CVSS | 3.7 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-0758 | 4.6 |
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
|
16-10-2019 - 20:01 | 13-05-2005 - 04:00 | |
CVE-2006-4338 | 5.0 |
unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
|
17-10-2018 - 21:35 | 19-09-2006 - 21:07 | |
CVE-2006-4337 | 7.5 |
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2006-4335 | 7.5 |
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2006-4336 | 7.5 |
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2006-4334 | 5.0 |
Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2005-0988 | 3.7 |
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip af
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 | |
CVE-2005-1228 | 5.0 |
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 |