CVE-2009-1884
Published Aug 19, 2009
Last updated 2 years ago
Overview
- Description
- Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C58C65A-621E-4EF4-ACD2-2B26ED08EA48",
"versionEndIncluding": "2.017"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.00_10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60FA80AE-D536-4323-9628-514C262DA129"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.00_12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B324E22C-0273-42C5-BF76-4C54AF6578A9"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.00_14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD46A223-9CB9-48A4-B52D-8621B87AAAA2"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B51D3C0F-0537-4240-841B-70B21DBD4C03"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D5A547D-5E85-4257-A71D-63078C5FF30A"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86CB8226-B0EC-4CB9-9678-6B127679A31A"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F2C6E05-1CD8-4450-A101-3C2270A64B9E"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.06:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D38E1A94-AA44-48AE-84A4-5C64451DFE96"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.08:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79442C31-96B2-4CEA-9AEB-DB7F332E938C"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.0.09:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "802DF28F-724C-49E8-920E-E6CBA8E296DF"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.010:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5C1D31B-123E-4294-81B6-46E4241C16DB"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.011:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3F7EC80-16B6-4754-A8BE-28782D2FDC86"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.012:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FA78C9F-1925-4435-BFBD-129836C12238"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.014:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E299424-8560-4DCF-BDC1-8F88F0E7E8DA"
},
{
"criteria": "cpe:2.3:a:bzip:compress-raw-bzip2:2.015:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3026DDC6-DDCF-4244-A657-B45FAA6E4942"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CB490BCA-8592-4324-BCE3-396BFD647D5E"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]