ID CVE-2004-0797
Summary The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash).
References
Vulnerable Configurations
  • cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 22-06-2022 - 16:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 11051
bugtraq 20040825 [OpenPKG-SA-2004.038] OpenPKG Security Advisory (zlib)
cert-vn VU#238678
conectiva
  • CLA-2004:865
  • CLA-2004:878
confirm http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=252253
fedora FLSA:2043
gentoo GLSA-200408-26
mandrake MDKSA-2004:090
openbsd 20040829 017: RELIABILITY FIX: August 29, 2004
osvdb
  • 9360
  • 9361
sco
  • SCOSA-2004.17
  • SCOSA-2006.6
sectrack 1011085
secunia
  • 11129
  • 17054
  • 18377
slackware SSA:2004-278
suse SUSE-SA:2004:029
xf zlib-inflate-inflateback-dos(17119)
Last major update 22-06-2022 - 16:40
Published 20-10-2004 - 04:00
Last modified 22-06-2022 - 16:40
Back to Top