Gentoo Linux Security Advisory 201301-5 - An integer overflow vulnerability has been found in bzip2 and could result in execution of arbitrary code or Denial of Service. Versions less than 1.0.6 are affected.
8a05528f2228d83f188f79f0bc675cb52064b26c73f66d4731fa70b7cc5ff8fb
VMware Security Advisory 2012-0005 - VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
ccad2214677a724db3237cf961a90dec1de316a2a31f07ed2cbeab3610a575e0
Gentoo Linux Security Advisory 201110-20 - Multiple vulnerabilities were found in Clam AntiVirus, the most severe of which may allow the execution of arbitrary code. Versions less than 0.97.3 are affected.
8a4cb5b5ff29de3a4a524379def9f673e2628a57bd1fb5f9d7b6f15abab93201
VMware Security Advisory 2010-0019 - ESX 3.x Console OS (COS) updates for samba, bzip2, and openssl packages.
53508d995bd3ee7696e115312bf6f130857171310cf94855d6fe67fca9362f8a
Mandriva Linux Security Advisory 2010-185 - An integer overflow has been found and corrected in bzip2 which could be exploited by using a specially crafted bz2 file and cause a denial of service attack. Additionally clamav has been upgraded to 0.96.2 and has been patched for this issue. perl-Compress-Bzip2 in MES5 has been linked against the system bzip2 library to resolve this issue.
9ad342dd4d695ddad458b7a2cc4f336d10b370149f577db868f677cc76eed3e5
Ubuntu Security Notice 986-3 - USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
c868b777cefbeba465a6705ca695c799632111d84efe15571f31b09656bf8e76
FreeBSD Security Advisory - The bzip2/bunzip2 utilities and the libbz2 library compress and decompress files using an algorithm based on the Burrows-Wheeler transform. They are generally slower than Lempel-Ziv compressors such as gzip, but usually provide a greater compression ratio. When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow.
59a1711bf6d2510506a512b7a40dbb7b7d40b51b3a4d4e1f1d1ab65852dec64e
Ubuntu Security Notice 986-2 - USN-986-1 fixed a vulnerability in bzip2. This update provides the corresponding update for ClamAV. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
469cb32cd15547aa3ce4d3d5ff9cc514314d8e826a8cd0be6e1890e4826d2835
Ubuntu Security Notice 986-1 - An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
76303896b97cb2b9efd591512a1804d52d2c3df08a31055a4824cab1f39e5033
Debian Linux Security Advisory 2112-1 - Mikolaj Izdebski has discovered an integer overflow flaw in the BZ2_decompress function in bzip2/libbz2. An attacker could use a crafted bz2 file to cause a denial of service (application crash) or potentially to execute arbitrary code.
a2d893684f3238f877e8037d50bc8f645067431b0a451bb7eaf502f28d6e7acb