CVE-2009-1216 | Vulnerability Database | Aqua Security

Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.

Affected Software

Name	Vendor	Start Version	End Version
Subsystem_for_unix-based_applications	Microsoft	*	*
Windows_services_for_unix	Microsoft	3.0 (including)	3.0 (including)
Windows_services_for_unix	Microsoft	3.5 (including)	3.5 (including)
Windows_server_2008	Microsoft	*	*
Windows_vista	Microsoft	*	*

References

http://secunia.com/advisories/34428
http://securitytracker.com/id?1021937
http://support.microsoft.com/kb/953602
http://www.securityfocus.com/bid/34258
http://www.vupen.com/english/advisories/2009/0849
https://exchange.xforce.ibmcloud.com/vulnerabilities/49435

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-1216
CWE	https://cwe.mitre.org/data/definitions/.html