The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
RPM RPM Package Manager 4.9.0 alpha
RPM RPM Package Manager 4.9.0
RPM RPM Package Manager 4.8.1
RPM RPM Package Manager 4.8.0
RPM RPM Package Manager 4.7.2
RPM RPM Package Manager 4.7.1
RPM RPM Package Manager 4.7.0
RPM RPM Package Manager 4.6.1
RPM RPM Package Manager 4.6.0-release candidate 4
RPM RPM Package Manager 4.6.0-release candidate 3
RPM RPM Package Manager 4.6.0-release candidate 2
RPM RPM Package Manager 4.6.0-release candidate 1
RPM RPM Package Manager 4.6.0
RPM RPM Package Manager 4.5.90
RPM RPM Package Manager 4.4.2.3
RPM RPM Package Manager 4.4.2.2
RPM RPM Package Manager 4.4.2.1
RPM RPM Package Manager 4.3
RPM RPM Package Manager 4.1
RPM RPM Package Manager 4.0.4
RPM RPM Package Manager 4.0.3
RPM RPM Package Manager 4.0.2
RPM RPM Package Manager 4.0.1
RPM RPM Package Manager 4.0
RPM RPM Package Manager 3.0.6
RPM RPM Package Manager 3.0.5
RPM RPM Package Manager 3.0.4
RPM RPM Package Manager 3.0.3
RPM RPM Package Manager 3.0.2
RPM RPM Package Manager 3.0.1
RPM RPM Package Manager 3.0
RPM RPM Package Manager 2.4.7
RPM RPM Package Manager 2.5.6
RPM RPM Package Manager 2.5.5
RPM RPM Package Manager 2.5.4
RPM RPM Package Manager 2.5.3
RPM RPM Package Manager 2.5.2
RPM RPM Package Manager 2.5.1
RPM RPM Package Manager 2.5
RPM RPM Package Manager 2.4.12
RPM RPM Package Manager 2..11
RPM RPM Package Manager 2.4.9
RPM RPM Package Manager 2.4.8
RPM RPM Package Manager 2.4.6
RPM RPM Package Manager 2.4.5
RPM RPM Package Manager 2.4.4
RPM RPM Package Manager 2.4.3
RPM RPM Package Manager 2.4.2
RPM RPM Package Manager 2.4.1
RPM RPM Package Manager 2.3.9
RPM RPM Package Manager 2.3.9
RPM RPM Package Manager 2.3.7
RPM RPM Package Manager 2.3.6
RPM RPM Package Manager 2.3.5
RPM RPM Package Manager 2.3.4
RPM RPM Package Manager 2.3.3
RPM RPM Package Manager 2.3.2
RPM RPM Package Manager 2.3.1
RPM RPM Package Manager 2.3
RPM RPM Package Manager 2.2.11
RPM RPM Package Manager 2.2.10
RPM RPM Package Manager 2.2.9
RPM RPM Package Manager 2.2.8
RPM RPM Package Manager 2.2.7
RPM RPM Package Manager 2.2.6
RPM RPM Package Manager 2.2.5
RPM RPM Package Manager 2.2.4
RPM RPM Package Manager 2.3.11
RPM RPM Package Manager 2.3.10
RPM RPM Package Manager 2.2.3
RPM RPM Package Manager 2.2.2
RPM RPM Package Manager 2.2.1
RPM RPM Package Manager 2.1.2
RPM RPM Package Manager 2.2
RPM RPM Package Manager 2.1.1
RPM RPM Package Manager 2.1
RPM RPM Package Manager 2.0.11
RPM RPM Package Manager 2.0.10
RPM RPM Package Manager 2.0.9
RPM RPM Package Manager 2.0.8
RPM RPM Package Manager 2.0.7
RPM RPM Package Manager 2.0.6
RPM RPM Package Manager 2.0.5
RPM RPM Package Manager 2.0.4
RPM RPM Package Manager 2.0.3
RPM RPM Package Manager 2.0.2
RPM RPM Package Manager 2.0.1
RPM RPM Package Manager 2.0
RPM RPM Package Manager 1.4.7
RPM RPM Package Manager 1.4.6
RPM RPM Package Manager 1.4.5
RPM RPM Package Manager 1.4.4
RPM RPM Package Manager 1.4.3
RPM RPM Package Manager 1.4.2/a
RPM RPM Package Manager 1.4.2
RPM RPM Package Manager 1.4.1
RPM RPM Package Manager 1.4
RPM RPM Package Manager 1.3.1
RPM RPM Package Manager 1.3
RPM RPM Package Manager 1.2
RPM RPM Package Manager 4.9.0 beta1
RPM RPM Package Manager 4.9.0 release candidate 1
RPM RPM Package Manager 4.9.1
RPM RPM Package Manager 4.9.1.1
RPM RPM Package Manager 4.9.1.2