CVE-2008-1372

Published: 18 March 2008

bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

Priority

Medium

Status

Package Release Status
bzip2
Launchpad, Ubuntu, Debian
Upstream
Released (1.0.5)