CVE-2002-0059

The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.

Severity	CRITICAL
CVSS	9.8
CWE	CWE-415
KEV
Published	24 years ago
Modified	1 month ago

Related Products

Product	Advisory	Evidence
CiscoWorks Hosting Solution Engine (HSE)	cisco-sa-20020403-zlib-double-free	Cisco OpenVuln
Cisco Metro 1500 Series (MAN DWDM)	cisco-sa-20020403-zlib-double-free	Cisco OpenVuln
Cisco Intrusion Detection System (IDS)	cisco-sa-20020403-zlib-double-free	Cisco OpenVuln
Cisco Application and Content Networking System (ACNS) Software	cisco-sa-20020403-zlib-double-free	Cisco OpenVuln
Application and Content Networking System (ACNS) Software	cisco-sa-20020403-zlib-double-free	Cisco OpenVuln