Search for vulnerabilities
Vulnerability details: VCID-7b2j-s3g7-aaak
Vulnerability ID VCID-7b2j-s3g7-aaak
Aliases CVE-2005-0758
Summary zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
generic_textual MODERATE http://docs.info.apple.com/article.html?artnum=306172
generic_textual MODERATE http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
rhas Low https://access.redhat.com/errata/RHSA-2005:357
rhas Low https://access.redhat.com/errata/RHSA-2005:474
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00095 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00095 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00095 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00095 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
epss 0.00235 https://api.first.org/data/v1/epss?cve=CVE-2005-0758
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1617573
cvssv2 4.6 https://nvd.nist.gov/vuln/detail/CVE-2005-0758
generic_textual MODERATE http://www.securityfocus.com/bid/25159
Reference id Reference type URL
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt
ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc
http://bugs.gentoo.org/show_bug.cgi?id=90626
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://rhn.redhat.com/errata/RHSA-2005-357.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0758.json
https://api.first.org/data/v1/epss?cve=CVE-2005-0758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758
http://secunia.com/advisories/18100
http://secunia.com/advisories/19183
http://secunia.com/advisories/22033
http://secunia.com/advisories/26235
http://securitytracker.com/id?1013928
https://exchange.xforce.ibmcloud.com/vulnerabilities/20539
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1107
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9797
http://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_158801__Updated_bzip2_packages_fix_security_issues.html
http://www.gentoo.org/security/en/glsa/glsa-200505-05.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:026
http://www.mandriva.com/security/advisories?name=MDKSA-2006:027
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.002.html
http://www.osvdb.org/16371
http://www.redhat.com/support/errata/RHSA-2005-474.html
http://www.securityfocus.com/bid/13582
http://www.securityfocus.com/bid/25159
http://www.ubuntu.com/usn/usn-158-1
http://www.vupen.com/english/advisories/2007/2732
1617573 https://bugzilla.redhat.com/show_bug.cgi?id=1617573
321286 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321286
cpe:2.3:a:gnu:gzip:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:gzip:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
CVE-2005-0758 https://nvd.nist.gov/vuln/detail/CVE-2005-0758
RHSA-2005:357 https://access.redhat.com/errata/RHSA-2005:357
RHSA-2005:474 https://access.redhat.com/errata/RHSA-2005:474
USN-158-1 https://usn.ubuntu.com/158-1/
USN-161-1 https://usn.ubuntu.com/161-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-0758
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.29173
EPSS Score 0.00064
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.