Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2002-0761

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.

  • Published: Aug 12, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-0761
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
bzip / bzip2 1.0 1.0.x
bzip / bzip2 0.9.5d 0.9.5d.x
bzip / bzip2 0.9.0a 0.9.0a.x
bzip / bzip2 0.9.0 0.9.0.x
bzip / bzip2 0.9.5a 0.9.5a.x
bzip / bzip2 0.9.5b 0.9.5b.x
bzip / bzip2 0.9.0c 0.9.0c.x
bzip / bzip2 1.0.1 1.0.1.x
bzip / bzip2 0.9.5c 0.9.5c.x
bzip / bzip2 0.9.0b 0.9.0b.x