MiniGZip - Controls File_Compress Buffer Overflow
| EKU-ID: 34880 | CVE: CVE-2007-1657;OSVDB-43550 | OSVDB-ID: |
| Author: starcadi | Published: 2007-03-14 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 34880 | CVE: CVE-2007-1657;OSVDB-43550 | OSVDB-ID: |
| Author: starcadi | Published: 2007-03-14 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/22964/info The 'minigzip' tool is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. A local attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial of service. minigzip `perl -e 'print 'A'x1050'