Users of bzip2 please be advised of an integer-overflow vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
USN-986-1: [USN-986-1] bzip2 integer-overflow vulnerability
Details follow:
An integer overflow was discovered in bzip2. If a user or automated system
were tricked into decompressing a crafted bz2 file, an attacker could cause
bzip2 or any application linked against libbz2 to crash or possibly execute
code as the user running the program.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/bhoH8c
No comments:
Post a Comment