Lucene search
RedHatRHSA-2003:081HistoryMay 22, 2003 - 12:00 a.m.
(RHSA-2003:081) zlib security update
2003-05-2200:00:00
access.redhat.com
10
EPSS
0.075
Percentile
94.1%
Zlib is a general-purpose, patent-free, lossless data compression
library that is used by many different programs.
The function gzprintf within zlib, when called with a string longer than
Z_PRINTF_BUFZISE (= 4096 bytes), can overflow without giving a warning.
zlib-1.1.4 and earlier exhibit this behavior. There are no known exploits
of the gzprintf overrun, and only a few programs, including rpm2html
and gimp-print, are known to use the gzprintf function.
The problem has been fixed by checking the length of the output string
within gzprintf.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | ia64 | zlib-devel | < 1.1.4-8.2.1AS | zlib-devel-1.1.4-8.2.1AS.ia64.rpm |
| RedHat | any | i386 | zlib | < 1.1.4-8.2.1AS | zlib-1.1.4-8.2.1AS.i386.rpm |
| RedHat | any | i386 | zlib-devel | < 1.1.4-8.2.1AS | zlib-devel-1.1.4-8.2.1AS.i386.rpm |
| RedHat | any | ia64 | zlib | < 1.1.4-8.2.1AS | zlib-1.1.4-8.2.1AS.ia64.rpm |
Related
nvd
nvd
CVE-2003-0107
2003-03-07 05:00:00
nessus
nessus
RHEL 2.1 : zlib (RHSA-2003:081)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : zlib (MDKSA-2003:033)
2004-07-31 00:00:00
debiancve
debiancve
CVE-2003-0107
2004-09-01 04:00:00
f5
f5
SOL2593 - Buffer overflow in zlib - CAN-2003-0107
2006-10-06 00:00:00
Buffer overflow in zlib - CAN-2003-0107
2006-10-07 04:00:00
cvelist
cvelist
CVE-2003-0107
2004-09-01 04:00:00
cert
cert
zlib "gzprintf()" function vulnerable to buffer overflow
2003-05-23 00:00:00
cve
cve
CVE-2003-0107
2004-09-01 04:00:00
jvn
jvn
JVN#78689801: BGA32.DLL and QBga32.DLL contain multiple vulnerabilities
2015-05-19 00:00:00