Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Jun 16, 2026
CVE-2002-0760
CVE-2002-0760
Description
Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.
Affected products
11cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*
- (no CPE)range: <1.0.2
Patches
Vulnerability mechanics
References
4- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.ascnvdPatchVendor Advisory
- www.iss.net/security_center/static/9127.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/4775nvdPatchVendor Advisory
- ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-039.0.txtnvd
News mentions
0No linked articles in our index yet.