CPE-16938CDB-2ECF-48FB-B516-9CFA8B4357C2 Détail

CPE Details

GNU Gzip 1.3

Vendor

gnu

Product

gzip

Version

1.3

Created

2007-08-23
19h16 +00:00

Modifié

2023-06-06
17h01 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:gnu:gzip:1.3:::::::*

Informations

Vendor

gnu

Product

gzip

Version

1.3

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2022-1271	2022-08-31 13h33 +00:00	An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.	8.8	Haute
CVE-2009-2624	2010-01-29 17h00 +00:00	The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression.	6.8
CVE-2010-0001	2010-01-29 17h00 +00:00	Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.	6.8
CVE-2005-0758	2005-05-13 02h00 +00:00	zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.	4.6
CVE-2004-0603	2004-06-30 02h00 +00:00	gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.	10
CVE-2003-0367	2003-06-10 02h00 +00:00	znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.	2.1
CVE-2001-1228	2002-04-12 02h00 +00:00	Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.	7.5

GNU Gzip 1.3

CPE Details

CPE Name: cpe:2.3:a:gnu:gzip:1.3:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:gnu:gzip:1.3:::::::*