VYPR
Critical severity9.8NVD Advisory· Published Mar 15, 2002· Updated Jun 16, 2026

CVE-2002-0059

CVE-2002-0059

Description

The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zlib/Zlib2 versions
    cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*range: <=1.1.3
    • (no CPE)range: <=1.1.3

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.