Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2011-3378
HistoryDec 24, 2011 - 7:55 p.m.

Memory corruption

2011-12-2419:55:00
PRIOn knowledge base
www.prio-n.com
7

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.058 Low

EPSS

Percentile

93.2%

JSON

RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.

CPENameOperatorVersion
rpmeq4.4.2.1
rpmeq4.8.0
rpmeq4.4.2
rpmeq4.6.0
rpmeq4.4.2.2
rpmeq4.7.2
rpmeq4.7.0
rpmeq4.4.2.3
rpmeq4.6.1
rpmeq4.7.1
Rows per page:
1-10 of 121

Related

suse 3
nessus 20
openvas 28
oraclelinux 1
securityvulns 2
ubuntucve 1
amazon 1
fedora 3
veracode 1
redhat 2
cve 1
centos 1
debiancve 1
ubuntu 1
gentoo 1
vmware 2
suse
suse
Security update for popt (important)
2011-10-17 20:08:22
Security update for popt (important)
2011-11-02 23:08:26
rpm (CVE-2011-3378) (important)
2011-11-02 20:08:26
nessus
nessus
Amazon Linux AMI : rpm (ALAS-2011-14)
2013-09-04 00:00:00
Fedora 15 : rpm-4.9.1.2-1.fc15 (2011-13785)
2011-10-12 00:00:00
openSUSE Security Update : rpm (openSUSE-SU-2011:1203-1)
2014-06-13 00:00:00
openvas
openvas
CentOS Update for popt CESA-2011:1349 centos4 x86_64
2012-07-30 00:00:00
Fedora Update for rpm FEDORA-2011-13766
2012-04-02 00:00:00
CentOS Update for popt CESA-2011:1349 centos4 x86_64
2012-07-30 00:00:00
oraclelinux
oraclelinux
rpm security update
2011-10-04 00:00:00
securityvulns
securityvulns
[ MDVSA-2011:143 ] rpm
2011-10-10 00:00:00
rpm multiple security vulnerabilities
2011-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2011-3378
2011-12-24 00:00:00
amazon
amazon
Medium: rpm
2011-10-31 18:25:00
fedora
fedora
[SECURITY] Fedora 15 Update: rpm-4.9.1.2-1.fc15
2011-10-11 08:27:39
[SECURITY] Fedora 16 Update: rpm-4.9.1.2-1.fc16
2011-10-09 19:40:11
[SECURITY] Fedora 15 Update: rpm-4.9.1.3-1.fc15
2012-04-22 03:24:37
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:03:00
redhat
redhat
(RHSA-2011:1349) Important: rpm security update
2011-10-03 00:00:00
(RHSA-2011:1408) Moderate: rhev-hypervisor security update
2011-10-26 00:00:00
cve
cve
CVE-2011-3378
2011-12-24 19:55:00
centos
centos
popt, rpm security update
2011-10-03 21:56:34
debiancve
debiancve
CVE-2011-3378
2011-12-24 19:55:00
ubuntu
ubuntu
RPM vulnerabilities
2013-01-17 00:00:00
gentoo
gentoo
RPM: Multiple vulnerabilities
2012-06-24 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.058 Low

EPSS

Percentile

93.2%

JSON
Related for PRION:CVE-2011-3378
suse3nessus20openvas28oraclelinux1securityvulns2ubuntucve1amazon1fedora3veracode1redhat2cve1centos1debiancve1ubuntu1gentoo1vmware2