Vulnerabilities > Bzip > Bzip2 > 1.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-19 | CVE-2019-12900 | Out-of-bounds Write vulnerability in multiple products BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | 9.8 |
2014-04-16 | CVE-2011-4089 | Permissions, Privileges, and Access Controls vulnerability in Bzip Bzip2 The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory. | 4.6 |
2008-03-18 | CVE-2008-1372 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bzip Bzip2 bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats. | 4.3 |