Unrated severityNVD Advisory· Published Apr 1, 2009· Updated Apr 23, 2026

CVE-2009-1216

Description

Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.

Affected products

Microsoft/Subsystem For Unix Based Applications
cpe:2.3:a:microsoft:subsystem_for_unix-based_applications:*:*:*:*:*:*:*:*
Microsoft/Services for Unix 2.03 versions
cpe:2.3:a:microsoft:windows_services_for_unix:3.0:-:std:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:windows_services_for_unix:3.0:-:std:*:*:*:*:*
- cpe:2.3:a:microsoft:windows_services_for_unix:3.5:*:*:*:*:*:*:*
- (no CPE)range: 3.0
Microsoft/Windows Server 20082 versions
cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*
- (no CPE)
Microsoft/Windows3 versions
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:*:enterprise:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:*:ultimate:*:*:*:*:*

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/34428nvdVendor Advisory
support.microsoft.com/kb/953602nvdVendor Advisory
www.vupen.com/english/advisories/2009/0849nvdVendor Advisory
securitytracker.com/idnvd
www.securityfocus.com/bid/34258nvd
exchange.xforce.ibmcloud.com/vulnerabilities/49435nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000