GNU GZip Archive Handling Multiple Remote Vulnerabilities

GNU GZip Archive Handling Multiple Remote Vulnerabilities

The gzip utility is prone to multiple remote buffer-overflow and denial-of-service vulnerabilities when handling malicious archive files.

Successful exploits may allow a remote attacker to corrupt process memory by triggering an overflow condition. This may lead to arbitrary code execution in the context of an affected user and may facilitate a remote compromise. Attackers may also trigger denial-of-service conditions by crashing or hanging the application.

Specific information regarding affected versions of gzip is currently unavailable. This BID will be updated as more information is released.