Описание
gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.3 (включая)
cpe:2.3:a:gnu:gzip:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02503
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 21 год назад
gzexe in gzip 1.3.3 and earlier will execute an argument when the crea ...
github
больше 3 лет назад
gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
EPSS
Процентиль: 85%
0.02503
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other