CVE-2006-4335 (retired)

Priority
Description
Array index error in the make_table function in unlzh.c in the LZH
decompression component in gzip 1.3.5, when running on certain platforms,
allows context-dependent attackers to cause a denial of service (crash) and
possibly execute arbitrary code via a crafted GZIP archive that triggers an
out-of-bounds write, aka a "stack modification vulnerability."
Package
Source: gzip (LP Ubuntu Debian)
Upstream:needs-triage
Package
Source: lha (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:38:08 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)