zlib -- buffer overflow vulnerability

ID 837B9FB2-0595-11DA-86BC-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2005-09-24T00:00:00


Problem description A fixed-size buffer is used in the decompression of data streams. Due to erronous analysis performed when zlib was written, this buffer, which was belived to be sufficiently large to handle any possible input stream, is in fact too small. Impact A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.