VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 19, 2009· Updated Apr 23, 2026

CVE-2009-1884

CVE-2009-1884

Description

Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391.

Affected products

16
  • Bzip/Compress Raw Bzip216 versions
    cpe:2.3:a:bzip:compress-raw-bzip2:*:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:bzip:compress-raw-bzip2:*:*:*:*:*:*:*:*range: <=2.017
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.00_10:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.00_12:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.00_14:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.01:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.02:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.03:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.05:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.06:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.08:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.0.09:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.010:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.011:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.012:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.014:*:*:*:*:*:*:*
    • cpe:2.3:a:bzip:compress-raw-bzip2:2.015:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.