CVE-2003-0107

NONE
Published Mar 7, 200323y ago · Modified Jun 16, 20262w ago
Find Similar
Published Mar 7, 2003 23y ago
Last Modified Jun 16, 2026 2w ago

Description

Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
Public Exploit Known
No Patch Available

Affected Products 1

VendorProductVersionRange
zlibzlib1.1.4any

References 19

  • ftp.caldera.com ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-011.0.txt
  • ftp.netbsd.org ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-004.txt.asc
  • distro.conectiva.com http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000619
  • jvn.jp http://jvn.jp/en/jp/JVN78689801/index.html
  • jvndb.jvn.jp http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000066.html
  • lists.apple.com http://lists.apple.com/mhonarc/security-announce/msg00038.html
  • marc.info http://marc.info/?l=bugtraq&m=104610337726297&w=2
  • marc.info http://marc.info/?l=bugtraq&m=104610536129508&w=2
  • marc.info http://marc.info/?l=bugtraq&m=104620610427210&w=2
  • marc.info http://marc.info/?l=bugtraq&m=104887247624907&w=2
  • online.securityfocus.com http://online.securityfocus.com/archive/1/312869
    Exploit
  • sunsolve.sun.com http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57405
  • iss.net http://www.iss.net/security_center/static/11381.php
    Vendor Advisory
  • kb.cert.org http://www.kb.cert.org/vuls/id/142121
    US Government Resource
  • mandrakesoft.com http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:033
  • osvdb.org http://www.osvdb.org/6599
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-079.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-081.html
  • securityfocus.com http://www.securityfocus.com/bid/6913

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.