BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
Max CVSS
9.8
EPSS Score
1.75%
Published
2019-06-19
Updated
2022-06-27
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
Max CVSS
4.6
EPSS Score
0.04%
Published
2014-04-16
Updated
2014-04-17
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
Max CVSS
5.1
EPSS Score
2.72%
Published
2010-09-28
Updated
2018-10-10
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
Max CVSS
4.3
EPSS Score
8.61%
Published
2008-03-18
Updated
2018-10-11
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
Max CVSS
5.0
EPSS Score
2.03%
Published
2005-05-19
Updated
2020-11-13
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
Max CVSS
3.7
EPSS Score
0.08%
Published
2005-05-02
Updated
2018-10-19
6 vulnerabilities found