18 matches found
SUSE SLES11 Security Update : bzip2 (SUSE-SU-2019:14139-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2019:14139-1 advisory. - BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-12900 Note that Nessus has n...
Arbitrary Code Execution
bzip2 is vulnerable to arbitrary code execution. The vulnerability is an integer overflow flaw in the bzip2 decompression routine. This issue could, when decompressing malformed archives, cause bzip2, or an application linked against the libbz2 library, to crash or,...
SUSE SLED12 Security Update : gstreamer-0_10-plugins-good (SUSE-SU-2017:0237-1)
gstreamer-0_10-plugins-good was updated to fix five security issues. These security issues were fixed : - CVE-2016-9635: Invalid FLIC files could have caused an out-of-bounds write bsc1012103. - CVE-2016-9634: Invalid FLIC files could have caused an out-of-bounds write bsc1012102. -...
openSUSE Security Update : Chromium (openSUSE-SU-2012:1637-1)
Chromium was updated to 25.0.1343 - Security Fixes bnc791234 and bnc792154 : - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding -...
Chromium to 25.0.1343 (important)
Chromium was updated to 25.0.1343 Security Fixes bnc791234 and bnc792154: - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding -...
Scientific Linux Security Update : bzip2 on SL6.x i386/x86_64
An integer overflow flaw was discovered in the bzip2 decompression routine. This issue could, when decompressing malformed archives, cause bzip2, or an application linked against the libbz2 library, to crash or, potentially, execute arbitrary code. CVE-2010-0405 All running applications using the...
FreeBSD Security Advisory (FreeBSD-SA-10:08.bzip2.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:08.bzip2.asc ADV FreeBSD-SA-10:08.bzip2.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-10:08.bzip2.asc Authors: Thomas Reinke Copyright: Copyright c 2010 E-So...
FreeBSD Security Advisory (FreeBSD-SA-10:08.bzip2.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:08.bzip2.asc SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders...
Ubuntu Update for dpkg vulnerability USN-986-3
Ubuntu Update for Linux kernel vulnerabilities USN-986-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN9863.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for dpkg vulnerability USN-986-3 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Ubuntu Update for bzip2 vulnerability USN-986-1
Ubuntu Update for Linux kernel vulnerabilities USN-986-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9861.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for bzip2 vulnerability USN-986-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-986-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2112-1 : bzip2 - integer overflow
Mikolaj Izdebski has discovered an integer overflow flaw in the BZ2_decompress function in bzip2/libbz2. An attacker could use a crafted bz2 file to cause a denial of service (application crash) or potentially to execute arbitrary code. CVE-2010-0405 ...
USN-986-3: dpkg vulnerability
USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2. Original advisory details: An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker...
DSA-2112-1 bzip2 - integer overflow
Bulletin has no description...
Moderate: Red Hat Security Advisory: bzip2 security update
Updated bzip2 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Bzip2 is a freely available, high-quality data compressor. It provides both...
GLSA-200804-02 : bzip2: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200804-02 bzip2: Denial of Service The Oulu University discovered that bzip2 does not properly check offsets provided by the bzip2 file, leading to a buffer overread. Impact : Remote attackers can entice a user or automated system...
bzip2: Denial of service
Background bzip2 is a free and open source lossless data compression program. Description The Oulu University discovered that bzip2 does not properly check offsets provided by the bzip2 file, leading to a buffer overread. Impact Remote attackers can entice a user or automated system to open a...
USN-590-1: bzip2 vulnerability
It was discovered that bzip2 did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially crafted bzip2 archive, applications linked against libbz2 could be made to crash, possibly leading to a denial of service...