[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] bzip2 CVE-2010-0405 integer overflow
From:       Solar Designer <solar () openwall ! com>
Date:       2010-09-21 11:33:01
Message-ID: 20100921113301.GB6101 () openwall ! com
[Download RAW message or body]

Hi,

Here's some analysis of this vulnerability and the changes in 1.0.6:

http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/

No conclusion on whether it is exploitable or not (and in what cases),
yet maybe this will save someone a few minutes.

Alexander
[prev in list] [next in list] [prev in thread] [next in thread]