CVE-2002-2102: Medium severity JCraft JZlib vulnerability
Published Dec 31, 2002
·Updated
InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data.
Affected Software
6 affected components
JCraft JZlib=0.0.1
JCraft JZlib=0.0.5
JCraft JZlib=0.0.3
JCraft JZlib=0.0.6
JCraft JZlib=0.0.4
JCraft JZlib=0.0.2
Remediation
Patch Available
Event History
Dec 31, 2002
CVE Published
05:00 AM
Aug 5, 2005
CVE Published
via MITRE·04:00 AM
Data Sourced
via MITRE·04:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2002-2102?
CVE-2002-2102 has a severity rating that indicates it can lead to a denial of service vulnerability.
2
How do I fix CVE-2002-2102?
To mitigate CVE-2002-2102, upgrade JCraft JZlib to version 0.0.7 or later.
3
What versions of JCraft JZlib are affected by CVE-2002-2102?
Versions 0.0.1 through 0.0.6 of JCraft JZlib are vulnerable to CVE-2002-2102.
4
Can CVE-2002-2102 be exploited remotely?
Yes, CVE-2002-2102 can be exploited remotely by sending an invalid block of deflated data.
5
What impact does CVE-2002-2102 have on applications?
The impact of CVE-2002-2102 is a denial of service attack that results in a NullPointerException.