CVE-2016-9840

Name of the Vulnerable Software and Affected Versions zlib version 1.2.8

Description The issue is caused by improper pointer arithmetic in the inftrees.c component of the zlib library. This could allow a remote attacker to exploit the vulnerability, potentially leading to unspecified impact, including disruption of confidentiality, integrity, and availability of protected information. The vulnerability may be exploited by persuading a victim to open a specially crafted document, resulting in a denial of service.

Recommendations For zlib version 1.2.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.