Vulnerability Details CVE-2009-1216
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.4
EPSS Ranking 97.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/34428
- http://securitytracker.com/id?1021937
- http://support.microsoft.com/kb/953602
- http://www.securityfocus.com/bid/34258
- http://www.vupen.com/english/advisories/2009/0849
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49435
- http://secunia.com/advisories/34428
- http://securitytracker.com/id?1021937
- http://support.microsoft.com/kb/953602
- http://www.securityfocus.com/bid/34258
- http://www.vupen.com/english/advisories/2009/0849
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49435
Products affected by CVE-2009-1216
-
cpe:2.3:a:microsoft:subsystem_for_unix-based_applications:-
-
cpe:2.3:a:microsoft:windows_services_for_unix:3.0
-
cpe:2.3:a:microsoft:windows_services_for_unix:3.5
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2008:sp2
-
cpe:2.3:o:microsoft:windows_vista:*
-
cpe:2.3:o:microsoft:windows_vista:-