CVE-2011-4089

🗓️ 29 Oct 2011 00:00:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 18 Views

Bzexe command in bzip2 1.0.5 and earlier allows local users to execute arbitrary code

Reporter	Title	Published	Views	Family All 17
Circl	CVE-2011-4089	23 Nov 201100:00	–	circl
CVE	CVE-2011-4089	16 Apr 201418:00	–	cve
Cvelist	CVE-2011-4089	16 Apr 201418:00	–	cvelist
Debian CVE	CVE-2011-4089	16 Apr 201418:00	–	debiancve
EUVD	EUVD-2011-4040	7 Oct 202500:30	–	euvd
NVD	CVE-2011-4089	16 Apr 201418:37	–	nvd
OpenVAS	Ubuntu: Security Advisory (USN-1308-1)	16 Dec 201100:00	–	openvas
OpenVAS	Ubuntu Update for bzip2 USN-1308-1	16 Dec 201100:00	–	openvas
OSV	DEBIAN-CVE-2011-4089	16 Apr 201418:37	–	osv
Packet Storm	bzexe /tmp Race Condition	6 Nov 201100:00	–	packetstorm

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	8.04	any	bzip2	1.0.4-2ubuntu4.2	bzip2_1.0.4-2ubuntu4.2_any.deb
Ubuntu	10.04	any	bzip2	1.0.5-4ubuntu0.2	bzip2_1.0.5-4ubuntu0.2_any.deb
Ubuntu	10.10	any	bzip2	1.0.5-4ubuntu1.1	bzip2_1.0.5-4ubuntu1.1_any.deb
Ubuntu	11.04	any	bzip2	1.0.5-6ubuntu1.11.04.1	bzip2_1.0.5-6ubuntu1.11.04.1_any.deb
Ubuntu	11.10	any	bzip2	1.0.5-6ubuntu1.11.10.1	bzip2_1.0.5-6ubuntu1.11.10.1_any.deb

Source	Link
ubuntu	www.ubuntu.com/security/notices/USN-1308-1
cve	www.cve.org/CVERecord

24 Jul 2024 15:57Current

6.2Medium risk

Vulners AI Score6.2

CVSS 24.6

EPSS0.00152

cve-2011-4089 compressed executables temporary files local users arbitrary code vulnerability