what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2010-0405

Status Candidate

Overview

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

Related Files

Gentoo Linux Security Advisory 201301-05
Posted Jan 9, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201301-5 - An integer overflow vulnerability has been found in bzip2 and could result in execution of arbitrary code or Denial of Service. Versions less than 1.0.6 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2010-0405
SHA-256 | 8a05528f2228d83f188f79f0bc675cb52064b26c73f66d4731fa70b7cc5ff8fb
VMware Security Advisory 2012-0005
Posted Mar 17, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0005 - VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues

tags | advisory
advisories | CVE-2010-0405, CVE-2011-3190, CVE-2011-3375, CVE-2012-0022, CVE-2012-1508, CVE-2012-1509, CVE-2012-1510, CVE-2012-1512, CVE-2012-1513, CVE-2012-1514
SHA-256 | ccad2214677a724db3237cf961a90dec1de316a2a31f07ed2cbeab3610a575e0
Gentoo Linux Security Advisory 201110-20
Posted Oct 24, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-20 - Multiple vulnerabilities were found in Clam AntiVirus, the most severe of which may allow the execution of arbitrary code. Versions less than 0.97.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0405, CVE-2010-3434, CVE-2010-4260, CVE-2010-4261, CVE-2010-4479, CVE-2011-1003, CVE-2011-2721, CVE-2011-3627
SHA-256 | 8a4cb5b5ff29de3a4a524379def9f673e2628a57bd1fb5f9d7b6f15abab93201
VMware Security Advisory 2010-0019
Posted Dec 8, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory 2010-0019 - ESX 3.x Console OS (COS) updates for samba, bzip2, and openssl packages.

tags | advisory
advisories | CVE-2009-0590, CVE-2009-2409, CVE-2009-3555, CVE-2010-0405, CVE-2010-3069
SHA-256 | 53508d995bd3ee7696e115312bf6f130857171310cf94855d6fe67fca9362f8a
Mandriva Linux Security Advisory 2010-185
Posted Sep 21, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-185 - An integer overflow has been found and corrected in bzip2 which could be exploited by using a specially crafted bz2 file and cause a denial of service attack. Additionally clamav has been upgraded to 0.96.2 and has been patched for this issue. perl-Compress-Bzip2 in MES5 has been linked against the system bzip2 library to resolve this issue.

tags | advisory, denial of service, overflow, perl
systems | linux, mandriva
advisories | CVE-2010-0405
SHA-256 | 9ad342dd4d695ddad458b7a2cc4f336d10b370149f577db868f677cc76eed3e5
Ubuntu Security Notice 986-3
Posted Sep 21, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 986-3 - USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.

tags | advisory, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-0405
SHA-256 | c868b777cefbeba465a6705ca695c799632111d84efe15571f31b09656bf8e76
FreeBSD Security Advisory - bzip2 Integer Overflow
Posted Sep 21, 2010
Site security.freebsd.org

FreeBSD Security Advisory - The bzip2/bunzip2 utilities and the libbz2 library compress and decompress files using an algorithm based on the Burrows-Wheeler transform. They are generally slower than Lempel-Ziv compressors such as gzip, but usually provide a greater compression ratio. When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2010-0405
SHA-256 | 59a1711bf6d2510506a512b7a40dbb7b7d40b51b3a4d4e1f1d1ab65852dec64e
Ubuntu Security Notice 986-2
Posted Sep 21, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 986-2 - USN-986-1 fixed a vulnerability in bzip2. This update provides the corresponding update for ClamAV. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.

tags | advisory, overflow
systems | linux, ubuntu
advisories | CVE-2010-0405
SHA-256 | 469cb32cd15547aa3ce4d3d5ff9cc514314d8e826a8cd0be6e1890e4826d2835
Ubuntu Security Notice 986-1
Posted Sep 21, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 986-1 - An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.

tags | advisory, overflow
systems | linux, ubuntu
advisories | CVE-2010-0405
SHA-256 | 76303896b97cb2b9efd591512a1804d52d2c3df08a31055a4824cab1f39e5033
Debian Linux Security Advisory 2112-1
Posted Sep 21, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2112-1 - Mikolaj Izdebski has discovered an integer overflow flaw in the BZ2_decompress function in bzip2/libbz2. An attacker could use a crafted bz2 file to cause a denial of service (application crash) or potentially to execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2010-0405
SHA-256 | a2d893684f3238f877e8037d50bc8f645067431b0a451bb7eaf502f28d6e7acb
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close