CVE 2010-0405
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
Related bugs and status
CVE-2010-0405 (Candidate) is related to these bugs:
Bug #625849: Upcoming release fixes bzlib security issue
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 625849 | Upcoming release fixes bzlib security issue | clamav (Ubuntu) | Medium | Fix Released | ||
Bug #643682: DoS due to PDF parsing issues
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 643682 | DoS due to PDF parsing issues | clamav (Ubuntu) | Medium | Fix Released | ||
| 643682 | DoS due to PDF parsing issues | clamav (Ubuntu Hardy) | Undecided | Fix Released | ||
| 643682 | DoS due to PDF parsing issues | clamav (Ubuntu Maverick) | Medium | Fix Released | ||
| 643682 | DoS due to PDF parsing issues | clamav (Ubuntu Karmic) | Undecided | Fix Released | ||
| 643682 | DoS due to PDF parsing issues | clamav (Ubuntu Jaunty) | Undecided | Fix Released | ||
| 643682 | DoS due to PDF parsing issues | clamav (Ubuntu Dapper) | Undecided | Fix Released | ||
| 643682 | DoS due to PDF parsing issues | clamav (Ubuntu Lucid) | Undecided | Fix Released | ||
Bug #644707: FFe for clamav 0.96.3
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 644707 | FFe for clamav 0.96.3 | clamav (Ubuntu) | Medium | Fix Released | ||
Bug #653738: Microversion update SRU for clamav in Lucid
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 653738 | Microversion update SRU for clamav in Lucid | clamav (Ubuntu) | Undecided | Invalid | ||
| 653738 | Microversion update SRU for clamav in Lucid | clamav (Ubuntu Lucid) | High | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
