| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.2 | $0-$5k | 0.00 |
Summary
A vulnerability was found in zlib up to 1.2.2. It has been classified as critical. This issue affects some unknown processing in the library zlib of the file inflate.h. The manipulation leads to denial of service. This vulnerability is listed as CVE-2005-1849. The attack may be initiated remotely. There is no available exploit. It is recommended that the affected component be replaced with an alternative.
Details
A vulnerability was found in zlib up to 1.2.2 and classified as critical. This issue affects an unknown code block in the library zlib of the file inflate.h. The manipulation with an unknown input leads to a denial of service vulnerability. Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. Impacted is availability. The summary by CVE is:
inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
The bug was discovered 07/08/2005. The weakness was presented 07/21/2005 by Markus Oberhumer (Website). It is possible to read the advisory at debian.org. The identification of this vulnerability is CVE-2005-1849 since 06/06/2005. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1499 according to MITRE ATT&CK.
It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 13 days. During that time the estimated underground price was around $5k-$25k. The vulnerability scanner Nessus provides a plugin with the ID 19284 (RHEL 4 : zlib (RHSA-2005:584)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Red Hat Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 117886 (CentOS Security Update for Zlib (CESA-2005:584)).
The problem might be mitigated by replacing the product with as an alternative. A possible mitigation has been published 10 months after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (21456), Tenable (19284), SecurityFocus (BID 14340†), OSVDB (18141†) and Secunia (SA31492†). See VDB-29425 for similar entry. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.2
VulDB Base Score: 5.9
VulDB Temp Score: 5.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 19284
Nessus Name: RHEL 4 : zlib (RHSA-2005:584)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Nessus Port: 🔍
OpenVAS ID: 56537
OpenVAS Name: Debian Security Advisory DSA 1026-1 (sash)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: AlternativeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
ISS Proventia IPS: 🔍
Timeline
06/06/2005 🔍07/08/2005 🔍
07/21/2005 🔍
07/21/2005 🔍
07/21/2005 🔍
07/21/2005 🔍
07/21/2005 🔍
07/22/2005 🔍
07/25/2005 🔍
07/26/2005 🔍
07/27/2005 🔍
04/06/2006 🔍
08/14/2008 🔍
06/30/2025 🔍
Sources
Advisory: debian.orgResearcher: Markus Oberhumer
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2005-1849 (🔍)
GCVE (CVE): GCVE-0-2005-1849
GCVE (VulDB): GCVE-100-1643
OVAL: 🔍
X-Force: 21456 - zlib code table denial of service, Medium Risk
SecurityFocus: 14340 - Zlib Compression Library Decompression Buffer Overflow Vulnerability
Secunia: 31492 - Red Hat Network Satellite Server Update for Solaris Client, Highly Critical
OSVDB: 18141 - zlib inftrees.c Invalid File Overflow Local DoS
SecurityTracker: 1014540
Vulnerability Center: 8752 - DoS and Code Execution in Zlib 1.2.2 via Large Dynamic Tree, Medium
Vupen: ADV-2007-1267
See also: 🔍
Entry
Created: 07/25/2005 15:28Updated: 06/30/2025 10:58
Changes: 07/25/2005 15:28 (94), 07/03/2019 17:54 (7), 06/30/2025 10:58 (17)
Complete: 🔍
Cache ID: 216::103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.