6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.056 Low
EPSS
Percentile
93.2%
Issue Overview:
Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815)
Affected Packages:
rpm
Issue Correction:
Run yum update rpm to update your system.
New Packages:
i686:
rpm-python-4.8.0-19.38.amzn1.i686
rpm-build-4.8.0-19.38.amzn1.i686
rpm-cron-4.8.0-19.38.amzn1.i686
rpm-apidocs-4.8.0-19.38.amzn1.i686
rpm-libs-4.8.0-19.38.amzn1.i686
rpm-4.8.0-19.38.amzn1.i686
rpm-devel-4.8.0-19.38.amzn1.i686
rpm-debuginfo-4.8.0-19.38.amzn1.i686
src:
rpm-4.8.0-19.38.amzn1.src
x86_64:
rpm-4.8.0-19.38.amzn1.x86_64
rpm-python-4.8.0-19.38.amzn1.x86_64
rpm-debuginfo-4.8.0-19.38.amzn1.x86_64
rpm-devel-4.8.0-19.38.amzn1.x86_64
rpm-cron-4.8.0-19.38.amzn1.x86_64
rpm-build-4.8.0-19.38.amzn1.x86_64
rpm-apidocs-4.8.0-19.38.amzn1.x86_64
rpm-libs-4.8.0-19.38.amzn1.x86_64
Red Hat: CVE-2012-0060
Mitre: CVE-2012-0060
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | rpm-python | < 4.8.0-19.38.amzn1 | rpm-python-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | rpm-build | < 4.8.0-19.38.amzn1 | rpm-build-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | rpm-cron | < 4.8.0-19.38.amzn1 | rpm-cron-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | rpm-apidocs | < 4.8.0-19.38.amzn1 | rpm-apidocs-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | rpm-libs | < 4.8.0-19.38.amzn1 | rpm-libs-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | rpm | < 4.8.0-19.38.amzn1 | rpm-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | rpm-devel | < 4.8.0-19.38.amzn1 | rpm-devel-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | rpm-debuginfo | < 4.8.0-19.38.amzn1 | rpm-debuginfo-4.8.0-19.38.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | rpm | < 4.8.0-19.38.amzn1 | rpm-4.8.0-19.38.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | rpm-python | < 4.8.0-19.38.amzn1 | rpm-python-4.8.0-19.38.amzn1.x86_64.rpm |