CVE-2008-1372

Published: Mar 18, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://support.apple.com/kb/HT3757

x_refsource_CONFIRM

bzip2-archives-code-execution(41249)

vdb-entry

x_refsource_XF

SUSE-SR:2008:011

vendor-advisory

x_refsource_SUSE

http://www.bzip.org/CHANGES

x_refsource_CONFIRM

241786

vendor-advisory

x_refsource_SUNALERT

36096

third-party-advisory

x_refsource_SECUNIA

FEDORA-2008-2970

vendor-advisory

x_refsource_FEDORA

20081203 VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2

mailing-list

x_refsource_BUGTRAQ

ADV-2008-2557

vdb-entry

x_refsource_VUPEN

31878

third-party-advisory

x_refsource_SECUNIA

SSA:2008-098-02

vendor-advisory

x_refsource_SLACKWARE

31869

third-party-advisory

x_refsource_SECUNIA

1020867

vdb-entry

x_refsource_SECTRACK

RHSA-2008:0893

vendor-advisory

x_refsource_REDHAT

http://kb.vmware.com/kb/1007504

x_refsource_CONFIRM

http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

x_refsource_MISC

APPLE-SA-2009-08-05-1

vendor-advisory

x_refsource_APPLE

VU#813451

third-party-advisory

x_refsource_CERT-VN

https://bugs.gentoo.org/attachment.cgi?id=146488&action=view

x_refsource_CONFIRM

http://kb.vmware.com/kb/1007198

x_refsource_CONFIRM

GLSA-200804-02

vendor-advisory

x_refsource_GENTOO

FEDORA-2008-3037

vendor-advisory

x_refsource_FEDORA

http://kb.vmware.com/kb/1006982

x_refsource_CONFIRM

http://www.ipcop.org/index.php?name=News&file=article&sid=40

x_refsource_CONFIRM

29656

third-party-advisory

x_refsource_SECUNIA

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0118

x_refsource_CONFIRM

29475

third-party-advisory

x_refsource_SECUNIA

29698

third-party-advisory

x_refsource_SECUNIA

29497

third-party-advisory

x_refsource_SECUNIA

29940

third-party-advisory

x_refsource_SECUNIA

20080321 rPSA-2008-0118-1 bzip2

mailing-list

x_refsource_BUGTRAQ

oval:org.mitre.oval:def:6467

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:10067

vdb-entry

signature

x_refsource_OVAL

GLSA-200903-40

vendor-advisory

x_refsource_GENTOO

31204

third-party-advisory

x_refsource_SECUNIA

USN-590-1

vendor-advisory

x_refsource_UBUNTU

MDVSA-2008:075

vendor-advisory

x_refsource_MANDRIVA

ADV-2008-0915

vdb-entry

x_refsource_VUPEN

http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

x_refsource_MISC

29506

third-party-advisory

x_refsource_SECUNIA

ADV-2009-2172

vdb-entry

x_refsource_VUPEN

TA09-218A

third-party-advisory

x_refsource_CERT

28286

vdb-entry

x_refsource_BID

29410

third-party-advisory

x_refsource_SECUNIA

29677

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-1372

Description

Affected Products

References