Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-1372
HistoryMar 18, 2008 - 12:00 a.m.

CVE-2008-1372

2008-03-1800:00:00
ubuntu.com
ubuntu.com
7

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.097 Low

EPSS

Percentile

94.8%

bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to
cause a denial of service (crash) via a crafted file that triggers a buffer
over-read, as demonstrated by the PROTOS GENOME test suite for Archive
Formats.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchbzip2< 1.0.3-0ubuntu2.1UNKNOWN
ubuntu6.10noarchbzip2< 1.0.3-3ubuntu0.1UNKNOWN
ubuntu7.04noarchbzip2< 1.0.3-6ubuntu0.1UNKNOWN
ubuntu7.10noarchbzip2< 1.0.4-0ubuntu2.1UNKNOWN

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.097 Low

EPSS

Percentile

94.8%