Vulnerabilities > GNU > Gzip > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0988 | Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | 3.7 |
2005-02-09 | CVE-2004-0970 | Insecure Temporary File Creation vulnerability in GNU Gzip 1.2.4A The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. | 2.1 |
2003-07-02 | CVE-2003-0367 | Improper Input Validation vulnerability in multiple products znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 2.1 |