bzip bzip2 1.0.3

CPE Details

bzip bzip2 1.0.3
bzip
bzip2
1.0.3
2008-09-05
18h00 +00:00
2014-05-06
09h28 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*

Informations

Vendor

bzip

Product

bzip2

Version

1.0.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-12900 2019-06-19 20h07 +00:00 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
9.8
Critical
CVE-2011-4089 2014-04-16 16h00 +00:00 The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
4.6
CVE-2010-0405 2010-09-28 15h00 +00:00 Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
5.1
CVE-2008-1372 2008-03-18 20h00 +00:00 bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
4.3