Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Compress-raw-zlib_perl_module | Paul_marquess | * | 2.015 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.001 (including) | 2.001 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.002 (including) | 2.002 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.003 (including) | 2.003 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.004 (including) | 2.004 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.005 (including) | 2.005 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.006 (including) | 2.006 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.008 (including) | 2.008 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.009 (including) | 2.009 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.010 (including) | 2.010 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.011 (including) | 2.011 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.012 (including) | 2.012 (including) |
| Compress-raw-zlib_perl_module | Paul_marquess | 2.014 (including) | 2.014 (including) |
| Libcompress-raw-zlib-perl | Ubuntu | hardy | * |
| Libcompress-raw-zlib-perl | Ubuntu | intrepid | * |
| Libcompress-raw-zlib-perl | Ubuntu | jaunty | * |
| Libcompress-raw-zlib-perl | Ubuntu | upstream | * |
| Perl | Ubuntu | intrepid | * |
| Perl | Ubuntu | jaunty | * |