CVE-2006-4335

Name of the Vulnerable Software and Affected Versions gzip version 1.3.5

Description The issue is related to an array index error in the make table function in unlzh.c, part of the LZH decompression component. This error can be triggered by a crafted GZIP archive, potentially leading to a denial of service (crash) and possibly allowing the execution of arbitrary code due to an out-of-bounds write. This is described as a stack modification issue.

Recommendations For gzip version 1.3.5, consider updating to a newer version that addresses this issue, as the current version may allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a crafted GZIP archive.