logo
DATABASE RESOURCES PRICING ABOUT US

Amazon Linux AMI : rpm (ALAS-2012-61)

Description

Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. (CVE-2012-0060 , CVE-2012-0061 , CVE-2012-0815)


Related