CVE-2010-0405: Integer Overflow
First published: Fri Aug 27 2010(Updated: )
A bzip2 security issue was reported to Debian security team: Mikołaj Izdebski has discovered an integer overflow flaw in the <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED CURRENTRELEASE - broken links of default index.html" href="show_bug.cgi?id=2">BZ2</a>_decompress function in bzip2/libbz2. An attacker could use a crafted <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED CURRENTRELEASE - broken links of default index.html" href="show_bug.cgi?id=2">bz2</a> file to cause a denial of service (application crash) or potentially to execute arbitrary code. (<a href="https://access.redhat.com/security/cve/CVE-2010-0405">CVE-2010-0405</a>)
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/bzip2 | <0:1.0.2-16.el4_8 | 0:1.0.2-16.el4_8 |
| redhat/bzip2 | <0:1.0.3-6.el5_5 | 0:1.0.3-6.el5_5 |
| redhat/bzip2 | <0:1.0.5-7.el6_0 | 0:1.0.5-7.el6_0 |
| Bzip2 | <=1.0.5 | |
| Bzip2 | =0.9 | |
| Bzip2 | =0.9.0 | |
| Bzip2 | =0.9.0a | |
| Bzip2 | =0.9.0b | |
| Bzip2 | =0.9.0c | |
| Bzip2 | =0.9.5_a | |
| Bzip2 | =0.9.5_b | |
| Bzip2 | =0.9.5_c | |
| Bzip2 | =0.9.5_d | |
| Bzip2 | =0.9.5a | |
| Bzip2 | =0.9.5b | |
| Bzip2 | =0.9.5c | |
| Bzip2 | =0.9.5d | |
| Bzip2 | =0.9_a | |
| Bzip2 | =0.9_b | |
| Bzip2 | =0.9_c | |
| Bzip2 | =1.0 | |
| Bzip2 | =1.0.1 | |
| Bzip2 | =1.0.2 | |
| Bzip2 | =1.0.3 | |
| Bzip2 | =1.0.4 | |
| libzip2 | <=1.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow
- http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3
- http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html
- http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
- http://marc.info/?l=oss-security&m=128506868510655&w=2
- http://secunia.com/advisories/41452
- http://secunia.com/advisories/41505
- http://secunia.com/advisories/42350
- http://secunia.com/advisories/42404
- http://secunia.com/advisories/42405
- http://secunia.com/advisories/42529
- http://secunia.com/advisories/42530
- http://secunia.com/advisories/48378
- http://security.gentoo.org/glsa/glsa-201301-05.xml
- http://support.apple.com/kb/HT4581
- http://www.bzip.org/
- http://www.redhat.com/support/errata/RHSA-2010-0703.html
- http://www.redhat.com/support/errata/RHSA-2010-0858.html
- http://www.securityfocus.com/archive/1/515055/100/0/threaded
- http://www.ubuntu.com/usn/USN-986-2
- http://www.ubuntu.com/usn/USN-986-3
- http://www.ubuntu.com/usn/usn-986-1
- http://www.vmware.com/security/advisories/VMSA-2010-0019.html
- http://www.vupen.com/english/advisories/2010/2455
- http://www.vupen.com/english/advisories/2010/3043
- http://www.vupen.com/english/advisories/2010/3052
- http://www.vupen.com/english/advisories/2010/3073
- http://www.vupen.com/english/advisories/2010/3126
- http://www.vupen.com/english/advisories/2010/3127
- http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/
- https://bugzilla.redhat.com/show_bug.cgi?id=627882
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2
- https://access.redhat.com/security/cve/CVE-2010-0405
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=441451&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=441451&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=448401&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=448401&action=edit
- https://rhn.redhat.com/errata/RHSA-2010-0703.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=627882#c9
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff;h=fcd8091474d12592d509adcfd0bdd0b0dc8835f5#patch4
- https://rhn.redhat.com/errata/RHSA-2010-0858.html
- https://www.cve.org/CVERecord?id=CVE-2010-0405 https://nvd.nist.gov/vuln/detail/CVE-2010-0405
- https://access.redhat.com/errata/RHSA-2010:0703
- https://access.redhat.com/errata/RHSA-2010:0858
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0405.json
Frequently Asked Questions
What is the severity of CVE-2010-0405?
CVE-2010-0405 is considered to be of medium severity due to the risk of integer overflow vulnerabilities.
How do I fix CVE-2010-0405?
To fix CVE-2010-0405, update to the recommended bzip2 versions specified by your operating system vendor.
What software is affected by CVE-2010-0405?
CVE-2010-0405 affects various versions of the bzip2 software, particularly those prior to 1.0.6.
What type of vulnerability is CVE-2010-0405?
CVE-2010-0405 is an integer overflow vulnerability that can lead to memory corruption.
Can CVE-2010-0405 be exploited remotely?
Yes, CVE-2010-0405 can potentially be exploited remotely if an attacker can trigger the vulnerable bzip2 program.
- agent/author
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-0405
- agent/first-publish-date
- agent/references
- agent/severity
- agent/weakness
- collector/redhat-cve
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- collector/nvd-historical
- package-manager/redhat
- vendor/bzip
- canonical/bzip2
- version/bzip2/1.0.5
- version/bzip2/0.9
- version/bzip2/0.9.0
- version/bzip2/0.9.0a
- version/bzip2/0.9.0b
- version/bzip2/0.9.0c
- version/bzip2/0.9.5_a
- version/bzip2/0.9.5_b
- version/bzip2/0.9.5_c
- version/bzip2/0.9.5_d
- version/bzip2/0.9.5a
- version/bzip2/0.9.5b
- version/bzip2/0.9.5c
- version/bzip2/0.9.5d
- version/bzip2/0.9_a
- version/bzip2/0.9_b
- version/bzip2/0.9_c
- version/bzip2/1.0
- version/bzip2/1.0.1
- version/bzip2/1.0.2
- version/bzip2/1.0.3
- version/bzip2/1.0.4
- vendor/libzip2
- canonical/libzip2
- version/libzip2/1.0.5