cbcvebase.
CVE-2010-0405
published 2010-09-28

CVE-2010-0405: Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of…

PriorityP427medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
3.30%
87.0th percentile
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

Affected

38 ranges· showing 25
VendorProductVersion rangeFixed in
bzipbzip2<= 1.0.5
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2
bzipbzip2>= 0 < 1.0.5-61.0.5-6
bzipbzip2>= 0 < 1.0.5-61.0.5-6
bzipbzip2>= 0 < 1.0.5-61.0.5-6

CVSS provenance

nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
vendor_debian5.1MEDIUM
vendor_redhat5.1MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.