Definition
New Search
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
oval:org.mitre.oval:def:9733
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
Family:
unix
Status:
ACCEPTED
Platform(s):
- CentOS Linux 3
- Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
- CVE-2008-0888
Product(s):