Lucene search

PRIOn knowledge basePRION:CVE-2010-2197

HistoryJun 08, 2010 - 6:30 p.m.

Design/Logic Flaw

2010-06-0818:30:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.003 Low

EPSS

Percentile

65.3%

JSON

rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.

CPENameOperatorVersion
rpmeq2.3.5
rpmeq4.4.2.1
rpmeq1.4.3
rpmeq3.0.1
rpmeq4.1
rpmeq2.2.3.11
rpmeq2.4.4
rpmeq2.3.8
rpmeq2.0.6
rpmeq1.4.4

Name	Operator	Version
rpm	eq	2.3.5
rpm	eq	4.4.2.1
rpm	eq	1.4.3
rpm	eq	3.0.1
rpm	eq	4.1
rpm	eq	2.2.3.11
rpm	eq	2.4.4
rpm	eq	2.3.8
rpm	eq	2.0.6
rpm	eq	1.4.4

Rows per page:

1-10 of 931

References

bugzilla.redhat.com/show_bug.cgi?id=125517

exchange.xforce.ibmcloud.com/vulnerabilities/59423

7 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.003 Low

EPSS

Percentile

65.3%

JSON

Related for PRION:CVE-2010-2197