Internet threat level: 1
Home→Descriptions→SA16137
zlib Denial of Service Vulnerability
| Secunia ID | |
| CVE-ID | |
| Release Date |
21 Jul 2005 |
| Last Change |
22 Jul 2005 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Software |
zlib 1.x |
| Where | |
| Impact |
DoS (Denial of Service)This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. |
| Description |
Markus Oberhumer has reported a vulnerability in zlib, which can be exploited by malicious people to cause a DoS (Denial of Service) against a vulnerable application. The vulnerability is caused due to the insufficient size of the code table declared in inflate.h, and can be exploited to cause an application using the zlib library to crash via a specially crafted input file. The vulnerability has been reported in version 1.2.2. Prior versions may also be affected. |
| Solution |
Update to version 1.2.3. |
| Reported by |
Markus Oberhumer |
| Original Advisory |
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.