Lucene search

3252 matches found

Debian CVE
added 2004/12/08 5:00 a.m., 20 views

CVE-2004-0770

romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files...

CVSS 2.1, AI score 6.3, EPSS 0.00342
Exploits: 0
CVE
added 2004/09/01 4:00 a.m., 56 views

CVE-2002-1139

The CVE-2002-1139 issue affects Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP under the Compressed Folders feature. The root cause is that the destination folder is not properly validated during ZIP decompression, allowing an attacker to place an executable in a known location ...

CVSS 5, AI score 6.4, EPSS 0.04231
Exploits: 0, References: 3, Affected Software: 3
OSV
added 2004/08/06 4:00 a.m., 3 views

DEBIAN-CVE-2004-0548

Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option...

CVSS 7.2, AI score 7.8, EPSS 0.00919
Exploits: 0, References: 1
CVE
added 2003/04/02 5:00 a.m., 47 views

CVE-2002-0760

CVE-2002-0760 describes a race condition in bzip2 prior to 1.0.2 across FreeBSD 4.5 and earlier, and OpenLinux 3.1/3.1.1, where files are decompressed with world-readable permissions before being reset to the permissions specified in the archive, potentially allowing local users to read files dur...

CVSS 1.2, AI score 6.7, EPSS 0.00298
Exploits: 0, References: 4, Affected Software: 1
CVE
added 2003/04/02 5:00 a.m., 41 views

CVE-2002-0759

CVE-2002-0759 affects bzip2 prior to 1.0.2, notably in FreeBSD 4.5 and earlier and OpenLinux 3.1/3.1.1. The issue is that bzip2 does not use the O_EXCL flag to create files during decompression and does not warn if an existing file would be overwritten. This could allow an attacker to overwrite f...

CVSS 5, AI score 6.9, EPSS 0.01348
Exploits: 0, References: 4, Affected Software: 1
Tenable Nessus
added 2002/10/24 12:00 a.m., 30 views

MS02-054: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (329048)

The remote host contains a version of Windows that has a security flaw in the compressed files ZIP implementation. An attacker can exploit this flaw by sending a malicious zip file to the remote user. When the user opens the file with Explorer, arbitrary code will be executed. C Tenable Network...

CVSS 7.5, AI score 5.8, EPSS 0.43298
Exploits: 0, References: 3
NVD
added 2002/10/11 4:00 a.m., 25 views

CVE-2002-1139

The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target...

CVSS 5, AI score 6.4, EPSS 0.04231
Exploits: 0, References: 3
securityvulns
added 2002/10/03 12:00 a.m., 43 views

Security Bulletin MS02-054: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)

Title: Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)
Date: 02 October 2002
Software: Microsoft Windows 98 with Plus! Pack, Windows Me, or Windows XP
Impact: Two vulnerabilities, the most...

AI score 7.7
Exploits: 0
CERT
added 2002/10/02 12:00 a.m., 60 views

ZIP archives containing files with large filenames can cause buffer overflows

Overview: Multiple file decompression utilities contain buffer overflow vulnerabilities for which the impacts vary.
Description: Researchers at Rapid7, Inc. have discovered that multiple file decompression utilities are susceptible to buffer overflows as a result of large filenames embedded in...

CVSS 7.5, AI score 7.2, EPSS 0.43298
Exploits: 0, References: 1
NVD
added 2002/08/12 4:00 a.m., 14 views

CVE-2002-0759

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a...

CVSS 5, AI score 6.5, EPSS 0.01348
Exploits: 0, References: 4
CVE
added 2002/06/25 4:00 a.m., 94 views

CVE-2002-0059

CVE-2002-0059: The decompression algorithm in zlib 1.1.3 and earlier can cause inflateEnd to free memory more than once (a double free), enabling memory corruption that may allow arbitrary code execution via malformed compression data. Affected: zlib up to version 1.1.3 and earlier. Root cause: d...

CVSS 9.8, AI score 9.4, EPSS 0.09511
Exploits: 0, References: 16, Affected Software: 1
Debian
added 1998/05/14 12:00 a.m., 14 views

[SECURITY] New versions of gzip available

We were told by Michal Zalewski that gzexe as shipped with gzip uses an unsecure method decompressing executables on the fly opening a way of calling arbitrary programs. Newer versions for bo and hamm are fixing this. We recommend you upgrade your gzip package if you're using the gzexe method. dpk...

AI score 2.3
Exploits: 0