98 matches found
CVE-2005-2384
Directory traversal vulnerability in a third-party compression library UNACEV2.DLL, as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with 1 .. or 2 absolute pathnames...
CVE-2005-2384
Directory traversal vulnerability in a third-party compression library UNACEV2.DLL, as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with 1 .. or 2 absolute pathnames...
CVE-2005-2385
Buffer overflow in a third-party compression library UNACEV2.DLL, as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename...
zlib security update
CentOS Errata and Security Advisory CESA-2005:584 Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Zlib is a general-purpose lossless data...
zlib inflate() routine vulnerable to buffer overflow
Overview A buffer overflow in the zlib compression library may cause any application linked to zlib to improperly and immediately terminate. Description There is a buffer overflow in the zlib data-compression library caused by a lack of bounds checking in the inflate routine. If an attacker...
CVE-2004-0797
The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...
The zlib compression library is vulnerable to a denial-of-service condition
Overview Un-handled error conditions in the zlib compression library may allow an attacker to cause a denial-of-service condition. Description There is a vulnerability in the error handling mechanisms of the decompression functions in the zlib compression library. The decompression functions...
CVE-2004-0797
The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...
CVE-2004-0797
The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...
SUSE-SA:2004:029: zlib
The remote host is missing the patch for the advisory SUSE-SA:2004:029 zlib. zlib is a widely used data compression library. Programs linked against it include most desktop applications as well as servers such as Apache and OpenSSH. The 'inflate' function of zlib handles certain input data...
zlib "gzprintf()" function vulnerable to buffer overflow
Overview A buffer overflow exists in one of the functions included with the zlib compression library. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial of service. An exploit for this vulnerability is publicly available. Description The zlib website...
Moderate: Red Hat Security Advisory: zlib security update
Updated zlib packages that fix a buffer overflow vulnerability are now available. Zlib is a general-purpose, patent-free, lossless data compression library that is used by many different programs. The function gzprintf within zlib, when called with a string longer than ZPRINTFBUFZISE = 4096 bytes...
Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (1)
Zlib 1.1.4 - Compression Library gzprintf Buffer Overrun 1 // source: https://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become...
Security Advisory: Vulnerability in zlib library
Cisco Security Advisory: Vulnerability in the zlib Compression Library Revision 1.0 For Public Release 2002 April 03 16:00 UTC +0000 - --------------------------------------------------------------------------- Contents Summary Affected Products Details Impact Software Versions and Fixes Obtainin...
Vulnerability in the zlib Compression Library
...
Advisory CA-2002-07 Double Free Bug in zlib Compression Library
CERT Advisory CA-2002-07 Double Free Bug in zlib Compression Library Original release date: March 12, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Any software that is linked to zlib 1.1.3 or earlier may be affected Data...
security problem fixed in zlib 1.1.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zlib Advisory 2002-03-11 zlib Compression Library Corrupts malloc Data Structures via Double Free Original release date: March 11, 2002 Last revised: March 11, 2002 Source: This advisory is based on a CERT advisory written by Jeffrey P. Lanza. See...
Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures
Overview There is a bug in the zlib compression library that may manifest itself as a vulnerability in programs that are linked with zlib. This may allow an attacker to conduct a denial-of-service attack, gather information, or execute arbitrary code. It is important to note that the CERT/CC has...