// For flags

CVE-2006-4336

multiple vulnerabilities in lha

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.

Desbordamiento de búfer en la función build_tree en gzip 1.3.5 permite a atacantes dependientes de contexto ejecutar código de su elección vía una tabla de contadores de hoja artesanal que provoca una escritura en un índice negativo.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-08-24 CVE Reserved
  • 2006-09-19 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (59)
URL Tag Source
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676 X_refsource_misc
http://docs.info.apple.com/article.html?artnum=304829 X_refsource_confirm
http://secunia.com/advisories/21996 Third Party Advisory
http://secunia.com/advisories/22002 Third Party Advisory
http://secunia.com/advisories/22027 Third Party Advisory
http://secunia.com/advisories/22085 Third Party Advisory
http://secunia.com/advisories/22101 Third Party Advisory
http://secunia.com/advisories/22435 Third Party Advisory
http://secunia.com/advisories/22487 Third Party Advisory
http://secunia.com/advisories/22661 Third Party Advisory
http://secunia.com/advisories/23153 Third Party Advisory
http://secunia.com/advisories/23155 Third Party Advisory
http://secunia.com/advisories/23156 Third Party Advisory
http://secunia.com/advisories/23679 Third Party Advisory
http://secunia.com/advisories/24435 Third Party Advisory
http://secunia.com/advisories/24636 Third Party Advisory
http://securitytracker.com/id?1016883 Vdb Entry
http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm X_refsource_confirm
http://www.kb.cert.org/vuls/id/554780 Third Party Advisory
http://www.securityfocus.com/archive/1/446426/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/464268/100/0/threaded Mailing List
http://www.securityfocus.com/bid/20101 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA06-333A.html Third Party Advisory
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html X_refsource_confirm
http://www.vupen.com/english/advisories/2006/3695 Vdb Entry
http://www.vupen.com/english/advisories/2006/4275 Vdb Entry
http://www.vupen.com/english/advisories/2006/4750 Vdb Entry
http://www.vupen.com/english/advisories/2006/4760 Vdb Entry
http://www.vupen.com/english/advisories/2007/0092 Vdb Entry
http://www.vupen.com/english/advisories/2007/0832 Vdb Entry
http://www.vupen.com/english/advisories/2007/1171 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/29042 Vdb Entry
https://issues.rpath.com/browse/RPL-615 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10140 Signature
URL Date SRC
URL Date SRC
http://secunia.com/advisories/22012 2018-10-17
http://secunia.com/advisories/22043 2018-10-17
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc 2018-10-17
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html 2018-10-17
http://secunia.com/advisories/22009 2018-10-17
http://secunia.com/advisories/22017 2018-10-17
http://secunia.com/advisories/22033 2018-10-17
http://secunia.com/advisories/22034 2018-10-17
http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc 2018-10-17
http://security.gentoo.org/glsa/glsa-200609-13.xml 2018-10-17
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 2018-10-17
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1 2018-10-17
http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml 2018-10-17
http://www.mandriva.com/security/advisories?name=MDKSA-2006:167 2018-10-17
http://www.novell.com/linux/security/advisories/2006_56_gzip.html 2018-10-17
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html 2018-10-17
http://www.redhat.com/support/errata/RHSA-2006-0667.html 2018-10-17
http://www.securityfocus.com/archive/1/450078/100/0/threaded 2018-10-17
http://www.securityfocus.com/archive/1/451324/100/0/threaded 2018-10-17
http://www.securityfocus.com/archive/1/462007/100/0/threaded 2018-10-17
http://www.trustix.org/errata/2006/0052 2018-10-17
http://www.ubuntu.com/usn/usn-349-1 2018-10-17
http://www.us.debian.org/security/2006/dsa-1181 2018-10-17
https://access.redhat.com/security/cve/CVE-2006-4336 2006-09-19
https://bugzilla.redhat.com/show_bug.cgi?id=220595 2006-09-19
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gzip
Search vendor "Gzip"
 Gzip
Search vendor "Gzip" for product "Gzip"
 1.3.5
Search vendor "Gzip" for product "Gzip" and version "1.3.5"
-
Affected