Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-0405

Опубликовано: 28 сент. 2010
Источник: nvd
CVSS2: 5.1
EPSS Низкий

Описание

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*
Версия до 1.0.5 (включая)
cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5_a:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5_b:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5_c:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5_d:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:libzip2:libzip2:*:*:*:*:*:*:*:*
Версия до 1.0.5 (включая)

EPSS

Процентиль: 92%
0.0921
Низкий

5.1 Medium

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2010-0405

ubuntu
больше 14 лет назад

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

redhat логотип

CVE-2010-0405

redhat
почти 15 лет назад

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

debian логотип

CVE-2010-0405

debian
больше 14 лет назад

Integer overflow in the BZ2_decompress function in decompress.c in bzi ...

github логотип

GHSA-44gv-7gp8-m9mw

github
около 3 лет назад

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

oracle-oval логотип

ELSA-2010-0858

oracle-oval
больше 14 лет назад

ELSA-2010-0858: bzip2 security update (IMPORTANT)

EPSS

Процентиль: 92%
0.0921
Низкий

5.1 Medium

CVSS2

Дефекты

CWE-189