CVE-2010-0405
CVE-2010-0405
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflowhttp://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.htmlhttp://marc.info/?l=oss-security&m=128506868510655&w=2https://bugzilla.redhat.com/show_bug.cgi?id=627882http://secunia.com/advisories/41452http://secunia.com/advisories/41505http://secunia.com/advisories/42350http://secunia.com/advisories/42404