F5 Networks BIG-IP : bzip2 vulnerability (SOL15878)
Medium Nessus Plugin ID 79587
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionInteger overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL15878.