CVE
- Id
- 31489
- CVE No.
- CVE-2008-1372
- Status
- Candidate
- Description
- bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
- Phase
- Assigned (20080318)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 337279 | 31489 | CVE-2008-1372 | BUGTRAQ:20081203 VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 | View |
| 337280 | 31489 | CVE-2008-1372 | URL:http://www.securityfocus.com/archive/1/archive/1/498863/100/0/threaded | View |
| 337281 | 31489 | CVE-2008-1372 | BUGTRAQ:20080321 rPSA-2008-0118-1 bzip2 | View |
| 337282 | 31489 | CVE-2008-1372 | URL:http://www.securityfocus.com/archive/1/archive/1/489968/100/0/threaded | View |
| 337283 | 31489 | CVE-2008-1372 | MISC:http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html | View |
| 337284 | 31489 | CVE-2008-1372 | MISC:http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/ | View |
| 337285 | 31489 | CVE-2008-1372 | CONFIRM:https://bugs.gentoo.org/attachment.cgi?id=146488&action=view | View |
| 337286 | 31489 | CVE-2008-1372 | CONFIRM:http://www.bzip.org/CHANGES | View |
| 337287 | 31489 | CVE-2008-1372 | CONFIRM:http://www.ipcop.org/index.php?name=News&file=article&sid=40 | View |
| 337288 | 31489 | CVE-2008-1372 | CONFIRM:http://kb.vmware.com/kb/1006982 | View |
| 337289 | 31489 | CVE-2008-1372 | CONFIRM:http://kb.vmware.com/kb/1007198 | View |
| 337290 | 31489 | CVE-2008-1372 | CONFIRM:http://kb.vmware.com/kb/1007504 | View |
| 337291 | 31489 | CVE-2008-1372 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0118 | View |
| 337292 | 31489 | CVE-2008-1372 | CONFIRM:http://support.apple.com/kb/HT3757 | View |
| 337293 | 31489 | CVE-2008-1372 | APPLE:APPLE-SA-2009-08-05-1 | View |
| 337294 | 31489 | CVE-2008-1372 | URL:http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html | View |
| 337295 | 31489 | CVE-2008-1372 | FEDORA:FEDORA-2008-2970 | View |
| 337296 | 31489 | CVE-2008-1372 | URL:https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00165.html | View |
| 337297 | 31489 | CVE-2008-1372 | FEDORA:FEDORA-2008-3037 | View |
| 337298 | 31489 | CVE-2008-1372 | URL:https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00225.html | View |
| 337299 | 31489 | CVE-2008-1372 | GENTOO:GLSA-200804-02 | View |
| 337300 | 31489 | CVE-2008-1372 | URL:http://www.gentoo.org/security/en/glsa/glsa-200804-02.xml | View |
| 337301 | 31489 | CVE-2008-1372 | GENTOO:GLSA-200903-40 | View |
| 337302 | 31489 | CVE-2008-1372 | URL:http://security.gentoo.org/glsa/glsa-200903-40.xml | View |
| 337303 | 31489 | CVE-2008-1372 | MANDRIVA:MDVSA-2008:075 | View |
| 337304 | 31489 | CVE-2008-1372 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:075 | View |
| 337305 | 31489 | CVE-2008-1372 | NETBSD:NetBSD-SA2008-004 | View |
| 337306 | 31489 | CVE-2008-1372 | URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-004.txt.asc | View |
| 337307 | 31489 | CVE-2008-1372 | REDHAT:RHSA-2008:0893 | View |
| 337308 | 31489 | CVE-2008-1372 | URL:http://www.redhat.com/support/errata/RHSA-2008-0893.html | View |
| 337309 | 31489 | CVE-2008-1372 | SLACKWARE:SSA:2008-098-02 | View |
| 337310 | 31489 | CVE-2008-1372 | URL:http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473263 | View |
| 337311 | 31489 | CVE-2008-1372 | SUNALERT:241786 | View |
| 337312 | 31489 | CVE-2008-1372 | URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-241786-1 | View |
| 337313 | 31489 | CVE-2008-1372 | SUSE:SUSE-SR:2008:011 | View |
| 337314 | 31489 | CVE-2008-1372 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html | View |
| 337315 | 31489 | CVE-2008-1372 | UBUNTU:USN-590-1 | View |
| 337316 | 31489 | CVE-2008-1372 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-590-1 | View |
| 337317 | 31489 | CVE-2008-1372 | CERT:TA09-218A | View |
| 337318 | 31489 | CVE-2008-1372 | URL:http://www.us-cert.gov/cas/techalerts/TA09-218A.html | View |
| 337319 | 31489 | CVE-2008-1372 | CERT-VN:VU#813451 | View |
| 337320 | 31489 | CVE-2008-1372 | URL:http://www.kb.cert.org/vuls/id/813451 | View |
| 337321 | 31489 | CVE-2008-1372 | BID:28286 | View |
| 337322 | 31489 | CVE-2008-1372 | URL:http://www.securityfocus.com/bid/28286 | View |
| 337323 | 31489 | CVE-2008-1372 | OVAL:oval:org.mitre.oval:def:10067 | View |
| 337324 | 31489 | CVE-2008-1372 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10067 | View |
| 337325 | 31489 | CVE-2008-1372 | OVAL:oval:org.mitre.oval:def:6467 | View |
| 337326 | 31489 | CVE-2008-1372 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6467 | View |
| 337327 | 31489 | CVE-2008-1372 | SECUNIA:29497 | View |
| 337328 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29497 | View |
| 337329 | 31489 | CVE-2008-1372 | SECUNIA:36096 | View |
| 337330 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/36096 | View |
| 337331 | 31489 | CVE-2008-1372 | VUPEN:ADV-2008-0915 | View |
| 337332 | 31489 | CVE-2008-1372 | URL:http://www.vupen.com/english/advisories/2008/0915 | View |
| 337333 | 31489 | CVE-2008-1372 | VUPEN:ADV-2008-2557 | View |
| 337334 | 31489 | CVE-2008-1372 | URL:http://www.vupen.com/english/advisories/2008/2557 | View |
| 337335 | 31489 | CVE-2008-1372 | SECTRACK:1020867 | View |
| 337336 | 31489 | CVE-2008-1372 | URL:http://www.securitytracker.com/id?1020867 | View |
| 337337 | 31489 | CVE-2008-1372 | SECUNIA:29475 | View |
| 337338 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29475 | View |
| 337339 | 31489 | CVE-2008-1372 | SECUNIA:29410 | View |
| 337340 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29410 | View |
| 337341 | 31489 | CVE-2008-1372 | SECUNIA:29506 | View |
| 337342 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29506 | View |
| 337343 | 31489 | CVE-2008-1372 | SECUNIA:29677 | View |
| 337344 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29677 | View |
| 337345 | 31489 | CVE-2008-1372 | SECUNIA:29698 | View |
| 337346 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29698 | View |
| 337347 | 31489 | CVE-2008-1372 | SECUNIA:29656 | View |
| 337348 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29656 | View |
| 337349 | 31489 | CVE-2008-1372 | SECUNIA:29940 | View |
| 337350 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/29940 | View |
| 337351 | 31489 | CVE-2008-1372 | SECUNIA:31204 | View |
| 337352 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/31204 | View |
| 337353 | 31489 | CVE-2008-1372 | SECUNIA:31869 | View |
| 337354 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/31869 | View |
| 337355 | 31489 | CVE-2008-1372 | SECUNIA:31878 | View |
| 337356 | 31489 | CVE-2008-1372 | URL:http://secunia.com/advisories/31878 | View |
| 337357 | 31489 | CVE-2008-1372 | VUPEN:ADV-2009-2172 | View |
| 337358 | 31489 | CVE-2008-1372 | URL:http://www.vupen.com/english/advisories/2009/2172 | View |
| 337359 | 31489 | CVE-2008-1372 | XF:bzip2-archives-code-execution(41249) | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 46285 | JVNDB-2008-001595 | Red Hat Enterprise Linux 上の nfs-utils における TCP wrapper サポートが除外されている問題 | Red Hat Enterprise Linux 上の nfs-utils における Red Hat build script には、TCP wrapper のサポートが除外されていることによる、アクセス制限を回避される脆弱性が存在します。 | CVE-2008-1376 | 31489 | 7.5 | http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001595.html | View |
