Skip to main content

Numeric Errors

CVE-2009-1884

Severity Medium
Score 4.3/10

Summary

Off-by-one error in the "bzinflate" function in "Bzip2.xs" in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a Denial of Service (application hang or crash) via a crafted "bzip2" compressed stream that triggers a Buffer Overflow; related to issue CVE-2009-1391.

  • MEDIUM
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

  • Published