Lucene search
HistoryJun 08, 2010 - 6:30 p.m.
CVE-2010-2197
rpmbuild
rpm
cve-2010-2197
nvd
information security
vulnerability
spec files
remote attack
6.6 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.003 Low
EPSS
Percentile
65.6%
rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.
Related
prion
prion
Design/Logic Flaw
2010-06-08 18:30:00
ubuntucve
ubuntucve
CVE-2010-2197
2010-06-08 00:00:00
debiancve
debiancve
CVE-2010-2197
2010-06-08 18:30:00
gentoo
gentoo
RPM: Multiple vulnerabilities
2012-06-24 00:00:00
nessus
nessus
GLSA-201206-26 : RPM: Multiple vulnerabilities
2012-06-25 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201206-26 (RPM)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-26 (RPM)
2012-08-10 00:00:00
6.6 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.003 Low
EPSS
Percentile
65.6%
Related for CVE-2010-2197