Vulnerability details: VCID-hvhn-38c6-aaad
Vulnerability ID VCID-hvhn-38c6-aaad
Aliases CVE-2008-1372
Summary bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Weaknesses (1)
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2008:0893
epss 0.06896 https://api.first.org/data/v1/epss?cve=CVE-2008-1372
epss 0.07482 https://api.first.org/data/v1/epss?cve=CVE-2008-1372
epss 0.08606 https://api.first.org/data/v1/epss?cve=CVE-2008-1372
epss 0.10930 https://api.first.org/data/v1/epss?cve=CVE-2008-1372
epss 0.10945 https://api.first.org/data/v1/epss?cve=CVE-2008-1372
epss 0.2044 https://api.first.org/data/v1/epss?cve=CVE-2008-1372
epss 0.41993 https://api.first.org/data/v1/epss?cve=CVE-2008-1372
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=438118
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2008-1372
Reference id Reference type URL
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-004.txt.asc
http://kb.vmware.com/kb/1006982
http://kb.vmware.com/kb/1007198
http://kb.vmware.com/kb/1007504
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1372.json
https://api.first.org/data/v1/epss?cve=CVE-2008-1372
https://bugs.gentoo.org/attachment.cgi?id=146488&action=view
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
http://secunia.com/advisories/29410
http://secunia.com/advisories/29475
http://secunia.com/advisories/29497
http://secunia.com/advisories/29506
http://secunia.com/advisories/29656
http://secunia.com/advisories/29677
http://secunia.com/advisories/29698
http://secunia.com/advisories/29940
http://secunia.com/advisories/31204
http://secunia.com/advisories/31869
http://secunia.com/advisories/31878
http://secunia.com/advisories/36096
http://security.gentoo.org/glsa/glsa-200903-40.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/41249
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6467
http://sunsolve.sun.com/search/document.do?assetkey=1-26-241786-1
http://support.apple.com/kb/HT3757
https://usn.ubuntu.com/590-1/
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00165.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00225.html
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0118
http://www.bzip.org/CHANGES
http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/
http://www.gentoo.org/security/en/glsa/glsa-200804-02.xml
http://www.ipcop.org/index.php?name=News&file=article&sid=40
http://www.kb.cert.org/vuls/id/813451
http://www.mandriva.com/security/advisories?name=MDVSA-2008:075
http://www.redhat.com/support/errata/RHSA-2008-0893.html
http://www.securityfocus.com/archive/1/489968/100/0/threaded
http://www.securityfocus.com/archive/1/498863/100/0/threaded
http://www.securityfocus.com/bid/28286
http://www.securitytracker.com/id?1020867
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473263
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
http://www.vupen.com/english/advisories/2008/0915
http://www.vupen.com/english/advisories/2008/2557
http://www.vupen.com/english/advisories/2009/2172
438118 https://bugzilla.redhat.com/show_bug.cgi?id=438118
471670 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471670
cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*
CVE-2008-1372 https://nvd.nist.gov/vuln/detail/CVE-2008-1372
GLSA-200804-02 https://security.gentoo.org/glsa/200804-02
GLSA-200903-40 https://security.gentoo.org/glsa/200903-40
RHSA-2008:0893 https://access.redhat.com/errata/RHSA-2008:0893
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-1372
Exploit Prediction Scoring System (EPSS)
Percentile 0.90907
EPSS Score 0.06896
Published At May 3, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.