Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-0815HistoryJun 04, 2012 - 8:55 p.m.
CVE-2012-0815
2012-06-0420:55:00
Debian Security Bug Tracker
security-tracker.debian.org
7
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.056 Low
EPSS
Percentile
93.2%
The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rpm | < 4.9.1.3-1 | rpm_4.9.1.3-1_all.deb |
| Debian | 11 | all | rpm | < 4.9.1.3-1 | rpm_4.9.1.3-1_all.deb |
| Debian | 10 | all | rpm | < 4.9.1.3-1 | rpm_4.9.1.3-1_all.deb |
| Debian | 999 | all | rpm | < 4.9.1.3-1 | rpm_4.9.1.3-1_all.deb |
| Debian | 13 | all | rpm | < 4.9.1.3-1 | rpm_4.9.1.3-1_all.deb |
Related
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:10:31
cve
cve
CVE-2012-0815
2012-06-04 20:55:00
CVE-2011-3608
2017-07-24 16:29:00
ubuntucve
ubuntucve
CVE-2012-0815
2012-04-03 00:00:00
prion
prion
Hardcoded credentials
2012-06-04 20:55:00
oraclelinux
oraclelinux
rpm security update
2012-04-03 00:00:00
nessus
nessus
Amazon Linux AMI : rpm (ALAS-2012-61)
2013-09-04 00:00:00
SuSE 11.2 Security Update : RPM (SAT Patch Number 6191)
2013-01-25 00:00:00
Oracle Linux 4 / 5 / 6 : rpm (ELSA-2012-0451)
2013-07-12 00:00:00
openvas
openvas
CentOS Update for rpm CESA-2012:0451 centos6
2012-07-30 00:00:00
Fedora Update for rpm FEDORA-2012-5298
2012-08-30 00:00:00
CentOS Update for popt CESA-2012:0451 centos5
2012-07-30 00:00:00
centos
centos
popt, rpm security update
2012-04-03 17:07:58
redhat
redhat
(RHSA-2012:0451) Important: rpm security update
2012-04-03 00:00:00
(RHSA-2012:0531) Important: rhev-hypervisor6 security and bug fix update
2012-04-30 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: rpm-4.9.1.3-1.fc17
2012-04-12 03:27:10
[SECURITY] Fedora 16 Update: rpm-4.9.1.3-1.fc16
2012-04-22 03:42:55
[SECURITY] Fedora 15 Update: rpm-4.9.1.3-1.fc15
2012-04-22 03:24:37
amazon
amazon
Important: rpm
2012-04-05 12:49:00
ubuntu
ubuntu
RPM vulnerabilities
2013-01-17 00:00:00
osv
osv
rpm - security update
2015-01-28 00:00:00
debian
debian
[SECURITY] [DLA 140-1] rpm security update
2015-01-28 18:07:09
gentoo
gentoo
RPM: Multiple vulnerabilities
2012-06-24 00:00:00
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.056 Low
EPSS
Percentile
93.2%
Related for DEBIANCVE:CVE-2012-0815