8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
nvd.nist.gov/vuln/detail/CVE-2011-4089
www.cve.org/CVERecord?id=CVE-2011-4089