Skip to navigation

CVE Database


Impact: Low
Public: 2006-12-02
Bugzilla: 220595: CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 multiple vulnerabilities in lha


The MITRE CVE dictionary describes this issue as:

Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.

Find out more about CVE-2006-4337 from the MITRE CVE dictionary and NIST NVD.


Red Hat is aware of this issue and is tracking it via the following bug:

The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (gzip) RHSA-2006:0667 September 19, 2006
Red Hat Enterprise Linux version 3 (gzip) RHSA-2006:0667 September 19, 2006
Red Hat Enterprise Linux version 4 (gzip) RHSA-2006:0667 September 19, 2006

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.