Unrated severityNVD Advisory· Published Sep 19, 2006· Updated Apr 16, 2026
CVE-2006-4335
CVE-2006-4335
Description
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
57- www.kb.cert.org/vuls/id/381508nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA06-333A.htmlnvdUS Government Resource
- patches.sgi.com/support/free/security/advisories/20061001-01-P.ascnvd
- bugzilla.redhat.com/bugzilla/show_bug.cginvd
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/security-announce/2006/Nov/msg00001.htmlnvd
- secunia.com/advisories/21996nvd
- secunia.com/advisories/22002nvd
- secunia.com/advisories/22009nvd
- secunia.com/advisories/22012nvd
- secunia.com/advisories/22017nvd
- secunia.com/advisories/22027nvd
- secunia.com/advisories/22033nvd
- secunia.com/advisories/22034nvd
- secunia.com/advisories/22043nvd
- secunia.com/advisories/22085nvd
- secunia.com/advisories/22101nvd
- secunia.com/advisories/22435nvd
- secunia.com/advisories/22487nvd
- secunia.com/advisories/22661nvd
- secunia.com/advisories/23153nvd
- secunia.com/advisories/23155nvd
- secunia.com/advisories/23156nvd
- secunia.com/advisories/23679nvd
- secunia.com/advisories/24435nvd
- secunia.com/advisories/24636nvd
- security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.ascnvd
- security.gentoo.org/glsa/glsa-200609-13.xmlnvd
- securitytracker.com/idnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2006-218.htmnvd
- www.gentoo.org/security/en/glsa/glsa-200611-24.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_56_gzip.htmlnvd
- www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0667.htmlnvd
- www.securityfocus.com/archive/1/446426/100/0/threadednvd
- www.securityfocus.com/archive/1/450078/100/0/threadednvd
- www.securityfocus.com/archive/1/451324/100/0/threadednvd
- www.securityfocus.com/archive/1/462007/100/0/threadednvd
- www.securityfocus.com/archive/1/464268/100/0/threadednvd
- www.securityfocus.com/bid/20101nvd
- www.trustix.org/errata/2006/0052/nvd
- www.ubuntu.com/usn/usn-349-1nvd
- www.us.debian.org/security/2006/dsa-1181nvd
- www.vmware.com/support/esx25/doc/esx-254-200702-patch.htmlnvd
- www.vupen.com/english/advisories/2006/3695nvd
- www.vupen.com/english/advisories/2006/4275nvd
- www.vupen.com/english/advisories/2006/4750nvd
- www.vupen.com/english/advisories/2006/4760nvd
- www.vupen.com/english/advisories/2007/0092nvd
- www.vupen.com/english/advisories/2007/0832nvd
- www.vupen.com/english/advisories/2007/1171nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/29040nvd
- issues.rpath.com/browse/RPL-615nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391nvd
News mentions
0No linked articles in our index yet.