CVE-2002-0760

2002-08-12T04:00:00
ID CVE-2002-0760
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:28:00

Description

Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.