zlib -- buffer overflow vulnerability

ID 8EFE93E2-EE62-11D9-8310-0001020EED82
Type freebsd
Reporter FreeBSD
Modified 2005-10-01T00:00:00


Problem Description An error in the handling of corrupt compressed data streams can result in a buffer being overflowed. Impact By carefully crafting a corrupt compressed data stream, an attacker can overwrite data structures in a zlib-using application. This may cause the application to halt, causing a denial of service; or it may result in the attacker gaining elevated privileges.