CVE-2005-1260
bzip2 - infinite loop
EPSS 9.8%
Description
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a. "decompression bomb").
How to fix CVE-2005-1260
To remediate CVE-2005-1260, upgrade the affected package to one of the fixed versions below.
- Debian/bzip2: upgrade to 1.0.2-7 or later
- Debian/bzip2: upgrade to 1.0.2-1.woody5 or later
Is CVE-2005-1260 being exploited?
Moderate — EPSS is 9.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.0.2-7
- from 0, < 1.0.2-1.woody5