Incorrect Pointer Scaling
CVE-2016-9842
Summary
The inflateMark function in inflate.c in zlib 1.2.3.4 through 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
CWE-468 - Incorrect Pointer Scaling
In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled.
References
Advisory Timeline
- Published