CVE-2010-0001

Priority
Medium
Description
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on
64-bit platforms, as used in ncompress and probably others, allows remote
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code via a crafted archive that uses LZW compression,
leading to an array index error.
References
Assigned-to
mdeslaur
Package
Source: gzip (LP Ubuntu Debian)
Upstream:released (1.3.12-9)
Ubuntu 8.04 LTS (Hardy Heron):released (1.3.12-3.2ubuntu0.1)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (1.3.12-9ubuntu1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:33 UTC (commit 5347)