bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
2005-05-19T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | bzip | bzip2 | < 1.0.3 | Yes |
Operating System | canonical | ubuntu_linux | 4.10 | Yes |
Operating System | canonical | ubuntu_linux | 5.04 | Yes |
Operating System | debian | debian_linux | 3.0 | Yes |
Operating System | debian | debian_linux | 3.1 | Yes |
Operating System | apple | mac_os_x | < 10.4.11 | Yes |