Lucene search

MitreCVE-2001-0923

HistoryFeb 02, 2002 - 5:00 a.m.

CVE-2001-0923

2002-02-0205:00:00

mitre

web.nvd.nist.gov

rpm

package manager

cve-2001-0923

corrupted data

code execution

vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.001

Percentile

46.5%

JSON

RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried.

Affected configurations

Nvd

Node

redhatredhat_package_managerMatch4.0.2-71

redhatredhat_package_managerMatch4.0.2-72

VendorProductVersionCPE
redhatredhat_package_manager4.0.2-71cpe:2.3:a:redhat:redhat_package_manager:4.0.2-71:*:*:*:*:*:*:*
redhatredhat_package_manager4.0.2-72cpe:2.3:a:redhat:redhat_package_manager:4.0.2-72:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	redhat_package_manager	4.0.2-71	cpe:2.3:a:redhat:redhat_package_manager:4.0.2-71:::::::*
redhat	redhat_package_manager	4.0.2-72	cpe:2.3:a:redhat:redhat_package_manager:4.0.2-72:::::::*

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000440

www.securityfocus.com/archive/1/222542

www.securityfocus.com/bid/3472

exchange.xforce.ibmcloud.com/vulnerabilities/7349

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.001

Percentile

46.5%

JSON

Related for CVE-2001-0923