CVE-2009-1216

EUVD-2009-1215
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Affected Products (NVD)
VendorProductVersion
microsoftsubsystem_for_unix-based_applications
*
microsoftwindows_services_for_unix
3.0
microsoftwindows_services_for_unix
3.5
microsoftwindows_server_2008
*
microsoftwindows_vista
*
microsoftwindows_vista
*
microsoftwindows_vista
*
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/34428
http://securitytracker.com/id?1021937
http://support.microsoft.com/kb/953602
http://www.securityfocus.com/bid/34258
http://www.vupen.com/english/advisories/2009/0849
https://exchange.xforce.ibmcloud.com/vulnerabilities/49435
http://secunia.com/advisories/34428
http://securitytracker.com/id?1021937
http://support.microsoft.com/kb/953602
http://www.securityfocus.com/bid/34258
http://www.vupen.com/english/advisories/2009/0849
https://exchange.xforce.ibmcloud.com/vulnerabilities/49435