• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Focus On: Vista
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns

• info
• discussion
• exploit
• solution
• references

Zlib Compression Library Decompression Buffer Overflow Vulnerability

Zlib is susceptible to a buffer-overflow vulnerability. This issue is due to the library's failure to properly handle unexpected input to its decompression routines.

Certain values used during decompression are incorrectly specified, allowing invalid inflate input to corrupt memory.

This vulnerability allows attackers to crash applications that use the affected library. This could also potentially allow for arbitrary code execution in the context of an affected application.