cve/CVE-2010-0001.md at eb8fb22b51df9332dc1ec68d0bcaedfdbefed8cd

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-16 20:27:21 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.

POC

Reference

No PoCs from references.

Github

https://github.com/Hwangtaewon/radamsa
https://github.com/StephenHaruna/RADAMSA
https://github.com/litneet64/containerized-bomb-disposal
https://github.com/nqwang/radamsa
https://github.com/sambacha/mirror-radamsa
https://github.com/sunzu94/radamsa-Fuzzer

1013 B Raw Blame History

CVE-2010-0001

Description

POC

Reference

Github

1013 B

Raw Blame History