Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2002-0059
HistoryMar 15, 2002 - 5:00 a.m.

CVE-2002-0059

2002-03-1505:00:00
CWE-415
[email protected]
web.nvd.nist.gov
47
2
zlib
decompression
algorithm
double free
memory
inflateend
code execution
cve-2002-0059

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.473 Medium

EPSS

Percentile

97.4%

JSON

The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a “double free”), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.

CPENameOperatorVersion
zlib:zlibzlible1.1.3

References

Social References

More

Related

openvas 2
securityvulns 3
nessus 4
debian 1
cert 1
freebsd_advisory 1
slackware 1
cisco 1
ibm 6
openvas
openvas
Debian Security Advisory DSA 122-1 (zlib, various)
2008-01-17 00:00:00
Debian Security Advisory DSA 122-1 (zlib, various)
2008-01-17 00:00:00
securityvulns
securityvulns
security problem fixed in zlib 1.1.4
2002-03-12 00:00:00
Advisory CA-2002-07 Double Free Bug in zlib Compression Library
2002-03-13 00:00:00
CERT Advisory CA-2003-02 Double-Free Bug in CVS Server
2003-01-23 00:00:00
nessus
nessus
Debian DSA-122-1 : zlib - malloc error (double free)
2004-09-29 00:00:00
Mandrake Linux Security Advisory : zlib-pkgs (MDKSA-2002:023-1)
2004-07-31 00:00:00
Mandrake Linux Security Advisory : zlib (MDKSA-2002:022)
2004-07-31 00:00:00
debian
debian
[SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
2002-03-11 00:00:00
cert
cert
Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures
2002-03-11 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-02:18.zlib
2002-03-18 00:00:00
slackware
slackware
rsync update fixes security problems
2002-03-11 15:25:45
cisco
cisco
Vulnerability in the zlib Compression Library
2002-04-03 16:00:00
ibm
ibm
Security Bulletin: IBM® Db2® is affected by multiple vulnerabilities in the open source zlib library.
2023-12-20 20:15:04
Security Bulletin: Multiple vulnerabilities in IBM Db2 may affect IBM Storage Protect Server.
2024-03-25 09:18:44
Security Bulletin: Multiple security vulnerabilities have been identified in DB2 JDBC driver shipped with IBM Tivoli Business Service Manager
2024-01-24 18:45:08

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.473 Medium

EPSS

Percentile

97.4%

JSON
Related for CVE-2002-0059
openvas2securityvulns3nessus4debian1cert1freebsd_advisory1slackware1cisco1ibm6