Описание
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.11.3-1.1 |
| esm-infra-legacy/trusty | released | 4.11.1-3ubuntu0.1 |
| lucid | ignored | end of life |
| precise | released | 4.9.1.1-1ubuntu0.3 |
| trusty | released | 4.11.1-3ubuntu0.1 |
| trusty/esm | released | 4.11.1-3ubuntu0.1 |
| upstream | released | 4.11.3-1.1 |
| utopic | released | 4.11.2-3ubuntu0.1 |
Показывать по
7.6 High
CVSS2
Связанные уязвимости
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
Race condition in RPM 4.11.1 and earlier allows remote attackers to ex ...
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
7.6 High
CVSS2