Note: This is an archival copy of Security Sun Alert 200550 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000418.1.
Article ID : 1000418.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2003-10-16
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability in Solaris zlib (libz(3)) Compression Library Function gzprintf()


Release Phase

Solaris 9 Operating System
Solaris 8 Operating System

Bug Id

Date of Resolved Release


Applications which are linked with "zlib" and utilize the gzprintf() function may be susceptible to a security vulnerability which could result in a denial of service, information leakage, or execution of arbitrary code due to a buffer overflow in the "zlib" gzprintf() function.

Sun does not distribute any applications with the Solaris Operating Environment which are linked with "zlib" and call gzprintf(). A large number of free applications and libraries have been identified as using "zlib" at Some of this freeware is distributed on the Solaris Software Companion CDs but none is known to be vulnerable to this issue at this time.

This issue is described in CERT Vulnerability VU#142121 (see

Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Solaris 8 without patch 112611-02
  • Solaris 9 without patch 115754-02

x86 Platform

  • Solaris 8 without patch 112612-02
  • Solaris 9 without patch 115755-02

Note 1: libz is not distributed with Solaris 7 or earlier releases.

Note 2: For a short period, patches 115754-01 and 115755-01 were available that purported to address this issue. They did not; revisions 115754-02 and 115755-02 are required to address this issue, as shown above.


There are no predictable symptoms that would show the described issue has been exploited.


There is no workaround. Please see the "Resolution" section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Solaris 8 with patch 112611-02 or later
  • Solaris 9 with patch 115754-02 or later

x86 Platform

  • Solaris 8 with patch 112612-02 or later
  • Solaris 9 with patch 115755-02 or later
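The following patch-level check is an added example, not part of the original Sun Alert. It applies the patch IDs and the minimum revision (-02, per Note 2) listed above to `showrev -p`-style output; the function names, the sample lines and the assumption that each installed patch appears as a line beginning `Patch: <id>-<rev>` are illustrative.

```shell
#!/bin/sh
# Added example: decide whether a Solaris 8/9 host has the gzprintf() fix,
# using the patch IDs and minimum revision (-02) listed in this alert.
# Written for a POSIX shell.

# required_patch RELEASE ARCH -> prints the base patch ID named in the alert
required_patch() {
    case "$1/$2" in
        5.8/sparc) echo 112611 ;;
        5.9/sparc) echo 115754 ;;
        5.8/i386)  echo 112612 ;;
        5.9/i386)  echo 115755 ;;
        *)         return 1 ;;   # release/platform not listed in the alert
    esac
}

# zlib_patch_status RELEASE ARCH < patch-listing
# Reads lines of the assumed form "Patch: 112611-02 Obsoletes: ..." on stdin.
# Prints one of: patched | vulnerable | not-listed
zlib_patch_status() {
    base=$(required_patch "$1" "$2") || { echo not-listed; return 0; }
    best=-1                      # highest installed revision; -1 = absent
    while read tag id rest; do
        [ "$tag" = "Patch:" ] || continue
        case "$id" in
            "$base"-[0-9]*)
                rev=${id##*-}
                if [ "$rev" -gt "$best" ]; then best=$rev; fi ;;
        esac
    done
    # Revisions -01 of 115754/115755 did not contain the fix (Note 2),
    # so only revision 02 or later counts as patched.
    if [ "$best" -ge 2 ]; then echo patched; else echo vulnerable; fi
}

# Constructed sample listing (not from a real host): only the -01 revision
# of the Solaris 9 SPARC patch is present.
SAMPLE_SHOWREV='Patch: 115754-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWzlib
Patch: 999999-07 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexample'

printf '%s\n' "$SAMPLE_SHOWREV" | zlib_patch_status 5.9 sparc

# On a live host (assumed invocation):
#   showrev -p | zlib_patch_status "$(uname -r)" "$(uname -p)"
```

A `patched` result only reflects the system libz; an application that is statically linked with its own copy of zlib, or ships a private one, has to be checked separately.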

Modification History


