2012-06-04 22:55:01 2018-01-18 03:29:07

The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
RPM RPM Package Manager 4.9.0 alpha RPM RPM Package Manager 4.9.0 RPM RPM Package Manager 4.8.1 RPM RPM Package Manager 4.8.0 RPM RPM Package Manager 4.7.2 RPM RPM Package Manager 4.7.1 RPM RPM Package Manager 4.7.0 RPM RPM Package Manager 4.6.1 RPM RPM Package Manager 4.6.0-release candidate 4 RPM RPM Package Manager 4.6.0-release candidate 3 RPM RPM Package Manager 4.6.0-release candidate 2 RPM RPM Package Manager 4.6.0-release candidate 1 RPM RPM Package Manager 4.6.0 RPM RPM Package Manager 4.5.90 RPM RPM Package Manager 4.4.2.3 RPM RPM Package Manager 4.4.2.2 RPM RPM Package Manager 4.4.2.1 RPM RPM Package Manager 4.3 RPM RPM Package Manager 4.1 RPM RPM Package Manager 4.0.4 RPM RPM Package Manager 4.0.3 RPM RPM Package Manager 4.0.2 RPM RPM Package Manager 4.0.1 RPM RPM Package Manager 4.0 RPM RPM Package Manager 3.0.6 RPM RPM Package Manager 3.0.5 RPM RPM Package Manager 3.0.4 RPM RPM Package Manager 3.0.3 RPM RPM Package Manager 3.0.2 RPM RPM Package Manager 3.0.1 RPM RPM Package Manager 3.0 RPM RPM Package Manager 2.4.7 RPM RPM Package Manager 2.5.6 RPM RPM Package Manager 2.5.5 RPM RPM Package Manager 2.5.4 RPM RPM Package Manager 2.5.3 RPM RPM Package Manager 2.5.2 RPM RPM Package Manager 2.5.1 RPM RPM Package Manager 2.5 RPM RPM Package Manager 2.4.12 RPM RPM Package Manager 2..11 RPM RPM Package Manager 2.4.9 RPM RPM Package Manager 2.4.8 RPM RPM Package Manager 2.4.6 RPM RPM Package Manager 2.4.5 RPM RPM Package Manager 2.4.4 RPM RPM Package Manager 2.4.3 RPM RPM Package Manager 2.4.2 RPM RPM Package Manager 2.4.1 RPM RPM Package Manager 2.3.9 RPM RPM Package Manager 2.3.9 RPM RPM Package Manager 2.3.7 RPM RPM Package Manager 2.3.6 RPM RPM Package Manager 2.3.5 RPM RPM Package Manager 2.3.4 RPM RPM Package Manager 2.3.3 RPM RPM Package Manager 2.3.2 RPM RPM Package Manager 2.3.1 RPM RPM Package Manager 2.3 RPM RPM Package Manager 2.2.11 RPM RPM Package Manager 2.2.10 RPM RPM Package Manager 2.2.9 RPM RPM Package Manager 2.2.8 RPM RPM Package Manager 2.2.7 RPM RPM Package Manager 2.2.6 RPM RPM Package Manager 2.2.5 RPM RPM Package Manager 2.2.4 RPM RPM Package Manager 2.3.11 RPM RPM Package Manager 2.3.10 RPM RPM Package Manager 2.2.3 RPM RPM Package Manager 2.2.2 RPM RPM Package Manager 2.2.1 RPM RPM Package Manager 2.1.2 RPM RPM Package Manager 2.2 RPM RPM Package Manager 2.1.1 RPM RPM Package Manager 2.1 RPM RPM Package Manager 2.0.11 RPM RPM Package Manager 2.0.10 RPM RPM Package Manager 2.0.9 RPM RPM Package Manager 2.0.8 RPM RPM Package Manager 2.0.7 RPM RPM Package Manager 2.0.6 RPM RPM Package Manager 2.0.5 RPM RPM Package Manager 2.0.4 RPM RPM Package Manager 2.0.3 RPM RPM Package Manager 2.0.2 RPM RPM Package Manager 2.0.1 RPM RPM Package Manager 2.0 RPM RPM Package Manager 1.4.7 RPM RPM Package Manager 1.4.6 RPM RPM Package Manager 1.4.5 RPM RPM Package Manager 1.4.4 RPM RPM Package Manager 1.4.3 RPM RPM Package Manager 1.4.2/a RPM RPM Package Manager 1.4.2 RPM RPM Package Manager 1.4.1 RPM RPM Package Manager 1.4 RPM RPM Package Manager 1.3.1 RPM RPM Package Manager 1.3 RPM RPM Package Manager 1.2 RPM RPM Package Manager 4.9.0 beta1 RPM RPM Package Manager 4.9.0 release candidate 1 RPM RPM Package Manager 4.9.1 RPM RPM Package Manager 4.9.1.1 RPM RPM Package Manager 4.9.1.2