cbcvebase.
CVE-2005-1260
published 2005-05-19

CVE-2005-1260: bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression…

PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
6.15%
92.6th percentile
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

Affected

11 ranges
VendorProductVersion rangeFixed in
applemac_os_x< 10.4.1110.4.11
bzipbzip2< 1.0.31.0.3
bzipbzip2>= 0 < 1.0.2-71.0.2-7
bzipbzip2>= 0 < 1.0.2-71.0.2-7
bzipbzip2>= 0 < 1.0.2-71.0.2-7
bzipbzip2>= 0 < 1.0.2-71.0.2-7
canonicalubuntu_linux
canonicalubuntu_linux
debianbzip2< bzip2 1.0.2-7 (bookworm)bzip2 1.0.2-7 (bookworm)
debiandebian_linux
debiandebian_linux

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.