VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-569v-spq6-dbhv

Vulnerability ID	VCID-569v-spq6-dbhv
Aliases	CVE-2011-4089
Summary	The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
Status	Published
Exploitability	2.0
Weighted Severity	0.0
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089
epss	0.00152	https://api.first.org/data/v1/epss?cve=CVE-2011-4089

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4089.json
		https://api.first.org/data/v1/epss?cve=CVE-2011-4089
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4089
632862		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862
CVE-2011-4089;OSVDB-77356	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/18147.c
USN-1308-1		https://usn.ubuntu.com/1308-1/

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T15:01:19.809897+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4089.json	38.0.0