The gzip program contains a null dereference vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition.
The gzip program is used to compress and decompress archived files.
A null dereference vulnerability exists in gzip. An attacker may be able to exploit this vulnerability by convincing a user to open a specially crafted gzip file.
A remote, unauthenticated attacker may be able to execute arbitrary code, or create a denial-of-service condition.
Thanks to Tavis Ormandy, Google Security Team for reporting this issue.
|Date First Published:||2006-09-19|
|Date Last Updated:||2011-07-22 12:49 UTC|