{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:12.275Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-986-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-986-3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
          },
          {
            "name": "FEDORA-2010-17439",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html"
          },
          {
            "name": "USN-986-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-986-1"
          },
          {
            "name": "USN-986-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-986-2"
          },
          {
            "name": "41452",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41452"
          },
          {
            "name": "42404",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42404"
          },
          {
            "name": "48378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48378"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230"
          },
          {
            "name": "ADV-2010-3073",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3073"
          },
          {
            "name": "ADV-2010-2455",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2455"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "42530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42530"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231"
          },
          {
            "name": "[oss-security] 20100921 bzip2 CVE-2010-0405 integer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=oss-security\u0026m=128506868510655\u0026w=2"
          },
          {
            "name": "42529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42529"
          },
          {
            "name": "20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
          },
          {
            "name": "41505",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41505"
          },
          {
            "name": "ADV-2010-3052",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3052"
          },
          {
            "name": "RHSA-2010:0703",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0703.html"
          },
          {
            "name": "RHSA-2010:0858",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0858.html"
          },
          {
            "name": "FEDORA-2010-1512",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow"
          },
          {
            "name": "42405",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42405"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627882"
          },
          {
            "name": "ADV-2010-3126",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3126"
          },
          {
            "name": "GLSA-201301-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201301-05.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.bzip.org/"
          },
          {
            "name": "ADV-2010-3127",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3127"
          },
          {
            "name": "ADV-2010-3043",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3043"
          },
          {
            "name": "SUSE-SR:2010:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
          },
          {
            "name": "42350",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42350"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-986-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-986-3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
        },
        {
          "name": "FEDORA-2010-17439",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html"
        },
        {
          "name": "USN-986-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-986-1"
        },
        {
          "name": "USN-986-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-986-2"
        },
        {
          "name": "41452",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41452"
        },
        {
          "name": "42404",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42404"
        },
        {
          "name": "48378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48378"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230"
        },
        {
          "name": "ADV-2010-3073",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3073"
        },
        {
          "name": "ADV-2010-2455",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2455"
        },
        {
          "name": "APPLE-SA-2011-03-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
        },
        {
          "name": "42530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42530"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231"
        },
        {
          "name": "[oss-security] 20100921 bzip2 CVE-2010-0405 integer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=oss-security\u0026m=128506868510655\u0026w=2"
        },
        {
          "name": "42529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42529"
        },
        {
          "name": "20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
        },
        {
          "name": "41505",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41505"
        },
        {
          "name": "ADV-2010-3052",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3052"
        },
        {
          "name": "RHSA-2010:0703",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0703.html"
        },
        {
          "name": "RHSA-2010:0858",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0858.html"
        },
        {
          "name": "FEDORA-2010-1512",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow"
        },
        {
          "name": "42405",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42405"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627882"
        },
        {
          "name": "ADV-2010-3126",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3126"
        },
        {
          "name": "GLSA-201301-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201301-05.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.bzip.org/"
        },
        {
          "name": "ADV-2010-3127",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3127"
        },
        {
          "name": "ADV-2010-3043",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3043"
        },
        {
          "name": "SUSE-SR:2010:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
        },
        {
          "name": "42350",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42350"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4581"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0405",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-986-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-986-3"
            },
            {
              "name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3",
              "refsource": "CONFIRM",
              "url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3"
            },
            {
              "name": "FEDORA-2010-17439",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html"
            },
            {
              "name": "USN-986-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-986-1"
            },
            {
              "name": "USN-986-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-986-2"
            },
            {
              "name": "41452",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41452"
            },
            {
              "name": "42404",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42404"
            },
            {
              "name": "48378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48378"
            },
            {
              "name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230",
              "refsource": "CONFIRM",
              "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230"
            },
            {
              "name": "ADV-2010-3073",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3073"
            },
            {
              "name": "ADV-2010-2455",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2455"
            },
            {
              "name": "APPLE-SA-2011-03-21-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
            },
            {
              "name": "42530",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42530"
            },
            {
              "name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231",
              "refsource": "CONFIRM",
              "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231"
            },
            {
              "name": "[oss-security] 20100921 bzip2 CVE-2010-0405 integer overflow",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=oss-security\u0026m=128506868510655\u0026w=2"
            },
            {
              "name": "42529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42529"
            },
            {
              "name": "20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
            },
            {
              "name": "41505",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41505"
            },
            {
              "name": "ADV-2010-3052",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3052"
            },
            {
              "name": "RHSA-2010:0703",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0703.html"
            },
            {
              "name": "RHSA-2010:0858",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0858.html"
            },
            {
              "name": "FEDORA-2010-1512",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html"
            },
            {
              "name": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow",
              "refsource": "CONFIRM",
              "url": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow"
            },
            {
              "name": "42405",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42405"
            },
            {
              "name": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/",
              "refsource": "CONFIRM",
              "url": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=627882",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627882"
            },
            {
              "name": "ADV-2010-3126",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3126"
            },
            {
              "name": "GLSA-201301-05",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201301-05.xml"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
            },
            {
              "name": "http://www.bzip.org/",
              "refsource": "CONFIRM",
              "url": "http://www.bzip.org/"
            },
            {
              "name": "ADV-2010-3127",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3127"
            },
            {
              "name": "ADV-2010-3043",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3043"
            },
            {
              "name": "SUSE-SR:2010:018",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
            },
            {
              "name": "42350",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42350"
            },
            {
              "name": "http://support.apple.com/kb/HT4581",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4581"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0405",
    "datePublished": "2010-09-28T17:00:00",
    "dateReserved": "2010-01-27T00:00:00",
    "dateUpdated": "2024-08-07T00:45:12.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EDE642C-0199-43BD-8A86-4C01950D3D12",
              "versionEndIncluding": "1.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852E705-516A-4A5E-8095-93DCF8DB15DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "325C63C7-740D-42E1-B8B1-51125DE57F61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "550690C7-32D0-4126-B272-D2254A2EF434",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE746CF-6890-4259-A9DB-5F77B592D1E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C95FE39-842A-45D1-A858-D438C0C15B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_a:*:*:*:*:*:*:*",
              "matchCriteriaId": "124E0E58-A7B3-4B3E-BEAD-76073A75A0DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_b:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2C4072-C19D-45E0-9662-030F39BD2295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_c:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1466AE9-B7E0-449C-BD25-54009833ED93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5_d:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC309293-C48A-4931-9A81-359966C6BB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8AD6CE9-FCE5-4926-A1D1-0706DFE4A6D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D54DD36D-7A6C-4649-855A-D81F29FFB6C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B87D623-6CF8-4BDB-A9FB-CF07589AF1CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FE3BFE7-75B6-4284-9EDC-78D452CD9174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3992967-645A-45E1-979E-6866B50AA642",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*",
              "matchCriteriaId": "980AE5B2-11A7-4672-B221-DF660F20667F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC33019-390A-428F-B119-139CA5949AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B10B3BF9-BE42-468D-89E8-8D4A5FEDC734",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55F00B1-D48B-40A6-872F-959598D7E6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5DBC5B-C1C4-487E-B40D-8925FDA13D1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B0664-E473-4131-8228-96BB5FBC4F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bzip:bzip2:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E9A082-C20B-4BD7-8562-5E391F0205F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libzip2:libzip2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5990D0-499C-417F-B8C0-4DE8D5253EFD",
              "versionEndIncluding": "1.0.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en la funci\u00f3n BZ2_decompress en decompress.c en bzip2 y libbzip2 anterior v1.0.6 permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (ca\u00edda aplicaci\u00f3n) o probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros comprimidos manipulados. \r\n\r\n"
    }
  ],
  "id": "CVE-2010-0405",
  "lastModified": "2024-11-21T01:12:09.127",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-09-28T18:00:02.340",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=oss-security\u0026m=128506868510655\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41452"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/41505"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42350"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42404"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42405"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42529"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42530"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/48378"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201301-05.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.bzip.org/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0703.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0858.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-986-2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-986-3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-986-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/2455"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/3043"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/3052"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/3073"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/3126"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/3127"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627882"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=128506868510655\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41452"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/41505"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42350"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42405"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42529"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/48378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201301-05.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.bzip.org/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0703.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0858.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-986-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-986-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-986-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3127"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}