CVSS: 10.0EPSS: 20%CPEs: 7EXPL: 0CVE-2009-1216
https://notcve.org/view.php?id=CVE-2009-1216
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en (1) unlzh.c y (2) unpack.c en las librerías gzip en Microsoft Windows Server 2008, Windows Services para UNIX 3.0 y 3.5, y el subsistema para UNIX-based Applications (SUA); como lo utilizado en gunzip, gzip, pack, pcat, y unpack 7.x versiones anteriores a 7.0.1701.48, 8.x versiones anteriores a 8.0.1969.62, y 9.x versiones anteriores a 9.0.3790.2076; permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. • http://secunia.com/advisories/34428 http://securitytracker.com/id?1021937 http://support.microsoft.com/kb/953602 http://www.securityfocus.com/bid/34258 http://www.vupen.com/english/advisories/2009/0849 https://exchange.xforce.ibmcloud.com/vulnerabilities/49435 •
CVSS: 6.9EPSS: 0%CPEs: 16EXPL: 0CVE-2007-3036
https://notcve.org/view.php?id=CVE-2007-3036
Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files." Vulnerabilidad no especificada en (1) Windows Services para UNIX 3.0 y 3.5, y (2) Subsistema para Aplicaciones UNIX en Microsoft Windows 2000, XP, Server 2003, y Vista permite a usuarios locales obtener privilegios mediante vectores no especificados relacionados con "determinados archivos binarios con setuid". • http://secunia.com/advisories/26757 http://securitytracker.com/id?1018678 http://www.kb.cert.org/vuls/id/768440 http://www.osvdb.org/36935 http://www.securityfocus.com/bid/25620 http://www.us-cert.gov/cas/techalerts/TA07-254A.html http://www.vupen.com/english/advisories/2007/3115 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-053 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1275 • CWE-264: Permissions, Privileges, and Access Controls •