← CVECheck
HomeVulnerabilities

CVE-2002-0059 — CRITICAL severity vulnerability (The decompression algorithm in zlib 1.1.3 and earlier, as us)

The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.

CVE IDCVE-2002-0059
SeverityCRITICAL
CVSS score9.8
CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWECWE-415
StatusModified
Published2002-03-15
Last modified2026-04-16
DescriptionThe decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →