Описание
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.9.1.3-2 |
| hardy | ignored | end of life |
| lucid | released | 4.7.2-1lubuntu0.1 |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | released | 4.9.0-7ubuntu0.1 |
| precise | released | 4.9.1.1-1ubuntu0.1 |
| quantal | not-affected | 4.9.1.3-2 |
| upstream | released | 4.9.1.3 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.
RPM before 4.9.1.3 does not properly validate region tags, which allow ...
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.
EPSS
6.8 Medium
CVSS2