Lucene search

K

Ubuntu.comUB:CVE-2006-4336

HistorySep 19, 2006 - 12:00 a.m.

CVE-2006-4336

2006-09-1900:00:00

ubuntu.com

ubuntu.com

12

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

90.9%

Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5
allows context-dependent attackers to execute arbitrary code via a crafted
leaf count table that causes a write to a negative index.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchgzip< 1.3.5-12ubuntu0.1UNKNOWN
ubuntu6.10noarchgzip< 1.3.5-14ubuntu1UNKNOWN
ubuntu7.04noarchgzip< 1.3.5-14ubuntu1UNKNOWN

References

launchpad.net/bugs/cve/CVE-2006-4336

nvd.nist.gov/vuln/detail/CVE-2006-4336

security-tracker.debian.org/tracker/CVE-2006-4336

ubuntu.com/security/notices/USN-349-1

www.cve.org/CVERecord?id=CVE-2006-4336

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

90.9%

Related for UB:CVE-2006-4336

veracode1 cert1 cve1 debiancve1 nessus15 gentoo2 openvas18 suse1 freebsd_advisory1 securityvulns3 centos2 redhat1 freebsd1 debian1 oraclelinux1 osv1 ubuntu1 slackware1 seebug1