CVE-2003-0107 | Vulnerability Database | Aqua Security

Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.

Affected Software

Name	Vendor	Start Version	End Version
Zlib	Zlib	1.1.4 (including)	1.1.4 (including)
Red Hat Enterprise Linux AS (Advanced Server) version 2.1	RedHat		*
Red Hat Enterprise Linux ES version 2.1	RedHat		*
Red Hat Enterprise Linux WS version 2.1	RedHat		*
Red Hat Linux 7.1	RedHat		*
Red Hat Linux 7.2	RedHat		*
Red Hat Linux 7.3	RedHat		*
Red Hat Linux 8.0	RedHat		*
Red Hat Linux Advanced Workstation 2.1	RedHat		*

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-011.0.txt
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-004.txt.asc
http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000619
http://jvn.jp/en/jp/JVN78689801/index.html
http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000066.html
http://lists.apple.com/mhonarc/security-announce/msg00038.html
http://marc.info/?l=bugtraq\u0026m=104610337726297\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104610536129508\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104620610427210\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104887247624907\u0026w=2
http://online.securityfocus.com/archive/1/312869
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57405
http://www.iss.net/security_center/static/11381.php
http://www.kb.cert.org/vuls/id/142121
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:033
http://www.osvdb.org/6599
http://www.redhat.com/support/errata/RHSA-2003-079.html
http://www.redhat.com/support/errata/RHSA-2003-081.html
http://www.securityfocus.com/bid/6913
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-011.0.txt
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-004.txt.asc
http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000619
http://jvn.jp/en/jp/JVN78689801/index.html
http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000066.html
http://lists.apple.com/mhonarc/security-announce/msg00038.html
http://marc.info/?l=bugtraq\u0026m=104610337726297\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104610536129508\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104620610427210\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104887247624907\u0026w=2
http://online.securityfocus.com/archive/1/312869
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57405
http://www.iss.net/security_center/static/11381.php
http://www.kb.cert.org/vuls/id/142121
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:033
http://www.osvdb.org/6599
http://www.redhat.com/support/errata/RHSA-2003-079.html
http://www.redhat.com/support/errata/RHSA-2003-081.html
http://www.securityfocus.com/bid/6913

NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0107
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html