Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-0001
HistoryJan 20, 2010 - 12:00 a.m.

CVE-2010-0001

2010-01-2000:00:00
ubuntu.com
ubuntu.com
8

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.061 Low

EPSS

Percentile

93.4%

Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on
64-bit platforms, as used in ncompress and probably others, allows remote
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code via a crafted archive that uses LZW compression,
leading to an array index error.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchgzip< 1.3.5-12ubuntu0.3UNKNOWN
ubuntu8.04noarchgzip< 1.3.12-3.2ubuntu0.1UNKNOWN
ubuntu8.10noarchgzip< 1.3.12-6ubuntu2.8.10.1UNKNOWN
ubuntu9.04noarchgzip< 1.3.12-6ubuntu2.9.04.1UNKNOWN
ubuntu9.10noarchgzip< 1.3.12-8ubuntu1.1UNKNOWN

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.061 Low

EPSS

Percentile

93.4%

Related for UB:CVE-2010-0001