← Back

CVE-2009-1884

nvd nist
Published: Aug 19, 2009Modified: Apr 23, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:P
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391.

Affected (16)

Bzip
1 product
Compress Raw Bzip2
Configuration A
16 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Bzip
Compress Raw Bzip2
Up to 2.017
Compress Raw Bzip2
Version 2.0.00_10
Compress Raw Bzip2
Version 2.0.00_12
Compress Raw Bzip2
Version 2.0.00_14
Compress Raw Bzip2
Version 2.0.01
Compress Raw Bzip2
Version 2.0.02
Compress Raw Bzip2
Version 2.0.03
Compress Raw Bzip2
Version 2.0.05
Compress Raw Bzip2
Version 2.0.06
Compress Raw Bzip2
Version 2.0.08
Compress Raw Bzip2
Version 2.0.09
Compress Raw Bzip2
Version 2.010
Compress Raw Bzip2
Version 2.011
Compress Raw Bzip2
Version 2.012
Compress Raw Bzip2
Version 2.014
Compress Raw Bzip2
Version 2.015
Running on/withPlatform Versions
Perl
Perl
All versions

Related CWEs

CWE-189
CWE-189

References (18)

Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.