CVE-2009-1216
Last modified
CVE-2009-1216 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.. EPSS estimates a 24.49% chance of exploitation in the next 30 days.
Description
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Subsystem For Unix-Based Applications | All versions |
| Microsoft | Windows Services For Unix | 3.0 |
| Microsoft | Windows Services For Unix | 3.5 |
| Microsoft | Windows Server 2008 | All versions |
| Microsoft | Windows Vista | All versions |
References
- http://secunia.com/advisories/34428Vendor Advisory
- http://support.microsoft.com/kb/953602Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0849Vendor Advisory
- http://secunia.com/advisories/34428Vendor Advisory
- http://support.microsoft.com/kb/953602Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0849Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-1216?
How severe is CVE-2009-1216?
How do I fix CVE-2009-1216?
Are you affected by CVE-2009-1216?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST