CVE-2002-0760
Published Aug 12, 2002
Last updated 16 years ago
Overview
- Description
- Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 1.2
- Impact score
- 2.9
- Exploitability score
- 1.9
- Vector string
- AV:L/AC:H/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "325C63C7-740D-42E1-B8B1-51125DE57F61"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "550690C7-32D0-4126-B272-D2254A2EF434"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE746CF-6890-4259-A9DB-5F77B592D1E9"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C95FE39-842A-45D1-A858-D438C0C15B99"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8AD6CE9-FCE5-4926-A1D1-0706DFE4A6D4"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D54DD36D-7A6C-4649-855A-D81F29FFB6C9"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B87D623-6CF8-4BDB-A9FB-CF07589AF1CB"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FE3BFE7-75B6-4284-9EDC-78D452CD9174"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B10B3BF9-BE42-468D-89E8-8D4A5FEDC734"
},
{
"criteria": "cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E55F00B1-D48B-40A6-872F-959598D7E6E4"
}
],
"operator": "OR"
}
]
}
]