CVE-2005-1849

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 26-07-2005 06:00

Last modified: - 22-06-2022 06:40

Total changes: - 3

Description

inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:N/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

5.0

Base score

10.0

2.9

Exploitability score

Impact score

Verification logic

Reference

DSA-763-Patch, Vendor Advisory
http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz
APPLE-SA-2005-08-15-
APPLE-SA-2005-08-17-
FLSA:162680-
GLSA-200509-18-
DSA-797-
USN-151-3-
14340-
18141-
1014540-
16137-Vendor Advisory
SCOSA-2006.6-
18377-Vendor Advisory
RHSA-2005:584-
17326-Vendor Advisory
17516-Vendor Advisory
DSA-1026-
19550-Vendor Advisory
GLSA-200603-18-
19334-Vendor Advisory
SUSE-SA:2005:043-
19597-Vendor Advisory
http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
24788-Vendor Advisory
MDKSA-2005:196-
MDKSA-2006:070-
RHSA-2008:0629-
31492-Vendor Advisory
ADV-2007-1267-
zlib-codetable-dos(21456)-
oval:org.mitre.oval:def:11402-
20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates-

Keywords

CVE-2005-1849

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2005-1849

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures