CVE-2009-1216

Name of the Vulnerable Software and Affected Versions gzip versions prior to 7.0.1701.48 gzip versions 7.0.1701.48 through 8.0.1969.62 gzip versions 8.0.1969.62 through 9.0.3790.2076 Microsoft Windows Server 2008 (affected versions not specified) Windows Services for UNIX 3.0 (affected versions not specified) Windows Services for UNIX 3.5 (affected versions not specified) Subsystem for UNIX-based Applications (SUA) (affected versions not specified)

Description The issue affects the gzip libraries in several Microsoft products, including Windows Server 2008, Windows Services for UNIX, and the Subsystem for UNIX-based Applications. It is related to unspecified vulnerabilities in the unlzh.c and unpack.c files. These vulnerabilities allow remote attackers to execute arbitrary code via unknown vectors.

Recommendations For gzip versions prior to 7.0.1701.48, update to version 7.0.1701.48 or later. For gzip versions 7.0.1701.48 through 8.0.1969.62, update to version 8.0.1969.62 or later. For gzip versions 8.0.1969.62 through 9.0.3790.2076, update to version 9.0.3790.2076 or later. For Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications, at the moment, there is no information about a newer version that contains a fix for this vulnerability.