CVE-2011-4089
Published: 04/16/2014 18:37:11
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
MEDIUM
CVSS v2: 4.6
CVSS v2: 4.6
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 25.1 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 24.4 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 24.4.0 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 24.3 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 24.2.1 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 24.2 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 24.1 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 23.3 | bzip2 (1.0.8) | Not Affected | Code Not Present | 1.0.8 does not match CVE configuration. |
| 23.2.1 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 23.2 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 23.1 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 22.4 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 22.3 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 22.2 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 22.1 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 21.11.1 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 21.11 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 21.8.1 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 21.8 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 21.5.1 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 21.5.0 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 21.2.0 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.20 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.19.3667 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.18.3599 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.17 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.16.3445 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.15.3368 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.14.3263 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.13.3179 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.12.3054 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.11.3040 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.11.2990 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.10.2934 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.9.2878 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |
| 11.4.8.2822 | bzip2 (1.0.6) | Not Affected | Code Not Present | 1.0.6 does not match CVE configuration. |