VYPR
Unrated severityNVD Advisory· Published Jan 29, 2010· Updated Jun 16, 2026

CVE-2010-0001

CVE-2010-0001

Description

Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

19
  • GNU/Gzip17 versions
    cpe:2.3:a:gnu:gzip:*:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:gnu:gzip:*:*:*:*:*:*:*:*range: <=1.3.13
    • cpe:2.3:a:gnu:gzip:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.2.4a:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.12:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gzip:1.3.9:*:*:*:*:*:*:*
    • (no CPE)range: <1.4

Patches

Vulnerability mechanics

References

30

News mentions

0

No linked articles in our index yet.