Computer Security

CVE-2009-1884
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2009-1884
StatusUNKNOWN
DescriptionOff-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391.
SeverityMedium
CVSS score4,3
CVSS vector(AV:N/AC:M/Au:N/C:N/I:N/A:P)
PhaseASSIGNED (02.09.2009)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1884
ReferencesBID : 36082
 CONFIRM : https://bugs.gentoo.org/show_bug.cgi?id=281955
 CONFIRM : https://bugzilla.redhat.com/show_bug.cgi?id=518278
 FEDORA : FEDORA-2009-8868
 FEDORA : FEDORA-2009-8888
 GENTOO : GLSA-200908-07
 SECUNIA : 36386
 SECUNIA : 36415
 XF : compressrawbzip2-bzinflate-dos(52628)
SecurityVulns:perl DoS
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server