Bzip: >> Bzip2 >> 0.9.5_c Security Vulnerabilities
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
CVSS Score
5.1
EPSS Score
0.092
Published
2010-09-28
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
CVSS Score
3.7
EPSS Score
0.001
Published
2005-05-02