9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.9%
Tomas Hoger reports:
The compress/ LZW decompress implentation does not correctly
handle compressed streams that contain code words that were not
yet added to the decompression table. This may lead to
arbitrary memory corruption. Successfull exploitation may
possible lead to a local privilege escalation.