CVE-2006-4334

EPSS 9.1%

gzip - arbitrary code execution

Published: 9/19/2006Modified: 4/28/2026

Description

Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.

Affected packages (3)

Debian/gzipfrom 0, < 1.3.5-15
Debian/gzipfrom 0, < 1.3.5-10sarge2
Debian/gzipfrom 0, < 1.3.5-15+etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-4334