bzip2 1.0.5 integer overflow

2010.10.01

Credit: Solar Designer

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2010-0405

CWE: CWE-189

CVSS Base Score: 5.1/10

Impact Subscore: 6.4/10

Exploitability Subscore: 4.9/10

Exploit range: Remote

Attack complexity: High

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

Here's some analysis of this vulnerability and the changes in 1.0.6:
http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/
No conclusion on whether it is exploitable or not (and in what cases),
yet maybe this will save someone a few minutes.
Alexander

References:

https://bugzilla.redhat.com/show_bug.cgi?id=627882

http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/

http://www.ubuntu.com/usn/USN-986-3

http://www.ubuntu.com/usn/USN-986-2

http://www.ubuntu.com/usn/usn-986-1

http://www.redhat.com/support/errata/RHSA-2010-0703.html

http://www.bzip.org/

http://secunia.com/advisories/41505

http://secunia.com/advisories/41452

http://marc.info/?l=oss-security&m=128506868510655&w=2

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

bzip2 1.0.5 integer overflow

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.