5 matches found
Astra Linux – Vulnerability in gzip, xz-utils
A arbitrary file writing vulnerability was discovered in the GNU gzip’s zgrep utility. When zgrep is applied to a file name chosen by the attacker e.g., a crafted file name, it can overwrite the content of the target file with an arbitrary file selected by the attacker. This flaw arises due to...
UBUNTU-CVE-2024-39929
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...
gzip: arbitrary-file-write vulnerability
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
gzip: arbitrary-file-write vulnerability
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
PT-2022-2156 · Gnu +11 · Gnu Gzip +11
Name of the Vulnerable Software and Affected Versions: GNU gzip versions affected versions not specified Description: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. This flaw occurs due to insufficient validation when processing filenames with two or more newlines...