Vulnerability Description
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Subsystem For Unix-Based Applications | All versions |
| Microsoft | Windows Services For Unix | 3.0 |
| Microsoft | Windows Server 2008 | All versions |
| Microsoft | Windows Vista | All versions |
References
- http://secunia.com/advisories/34428Vendor Advisory
- http://securitytracker.com/id?1021937
- http://support.microsoft.com/kb/953602Vendor Advisory
- http://www.securityfocus.com/bid/34258
- http://www.vupen.com/english/advisories/2009/0849Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49435
- http://secunia.com/advisories/34428Vendor Advisory
- http://securitytracker.com/id?1021937
- http://support.microsoft.com/kb/953602Vendor Advisory
- http://www.securityfocus.com/bid/34258
- http://www.vupen.com/english/advisories/2009/0849Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49435
FAQ
What is CVE-2009-1216?
CVE-2009-1216 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based App...
How severe is CVE-2009-1216?
CVE-2009-1216 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1216?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Subsystem For Unix-Based Applications, Microsoft Windows Services For Unix, Microsoft Windows Server 2008, Microsoft Windows Vista.