CVE-2010-0405

Published Sep 28, 2010

Last updated 4 months ago

CVSS info 5.1

Overview

Description: Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-189

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EDE642C-0199-43BD-8A86-4C01950D3D12",
            "versionEndIncluding": "1.0.5"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3852E705-516A-4A5E-8095-93DCF8DB15DB"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "325C63C7-740D-42E1-B8B1-51125DE57F61"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "550690C7-32D0-4126-B272-D2254A2EF434"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFE746CF-6890-4259-A9DB-5F77B592D1E9"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C95FE39-842A-45D1-A858-D438C0C15B99"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "124E0E58-A7B3-4B3E-BEAD-76073A75A0DE"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F2C4072-C19D-45E0-9662-030F39BD2295"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1466AE9-B7E0-449C-BD25-54009833ED93"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_d:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC309293-C48A-4931-9A81-359966C6BB40"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8AD6CE9-FCE5-4926-A1D1-0706DFE4A6D4"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D54DD36D-7A6C-4649-855A-D81F29FFB6C9"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B87D623-6CF8-4BDB-A9FB-CF07589AF1CB"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FE3BFE7-75B6-4284-9EDC-78D452CD9174"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3992967-645A-45E1-979E-6866B50AA642"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "980AE5B2-11A7-4672-B221-DF660F20667F"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DC33019-390A-428F-B119-139CA5949AE4"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B10B3BF9-BE42-468D-89E8-8D4A5FEDC734"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E55F00B1-D48B-40A6-872F-959598D7E6E4"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB5DBC5B-C1C4-487E-B40D-8925FDA13D1E"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C02B0664-E473-4131-8228-96BB5FBC4F7F"
          },
          {
            "criteria": "cpe:2.3:a:bzip:bzip2:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85E9A082-C20B-4BD7-8562-5E391F0205F2"
          },
          {
            "criteria": "cpe:2.3:a:libzip2:libzip2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE5990D0-499C-417F-B8C0-4DE8D5253EFD",
            "versionEndIncluding": "1.0.5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References