MidnightBSD

Advisories for libzip2

CVE-2010-0405 MEDIUM

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
libzip2 libzip2 *
bzip bzip2 *
bzip bzip2 0.9.5b
bzip bzip2 0.9_a
bzip bzip2 1.0.1
bzip bzip2 1.0.4
bzip bzip2 0.9.0c
bzip bzip2 0.9.0a
bzip bzip2 0.9.5a
bzip bzip2 0.9.5_b
bzip bzip2 0.9.0
bzip bzip2 1.0
bzip bzip2 1.0.2
bzip bzip2 0.9_b
bzip bzip2 0.9.0b
bzip bzip2 0.9
bzip bzip2 0.9.5_c
bzip bzip2 0.9.5_a
bzip bzip2 0.9.5_d
bzip bzip2 0.9.5c
bzip bzip2 0.9.5d
bzip bzip2 0.9_c
bzip bzip2 1.0.3