Описание
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.9.1.3-2 |
| hardy | ignored | end of life |
| lucid | released | 4.7.2-1lubuntu0.1 |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | released | 4.9.0-7ubuntu0.1 |
| precise | released | 4.9.1.1-1ubuntu0.1 |
| quantal | not-affected | 4.9.1.3-2 |
| upstream | released | 4.9.1.3 |
Показывать по
6.8 Medium
CVSS2
Связанные уязвимости
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header.
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header.
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not ...
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header.
6.8 Medium
CVSS2