15 matches found
SUSE CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
Mandriva Linux Security Advisory : rpm (MDVSA-2015:056)
Updated rpm packages fix security vulnerabilities : It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system...
RPM Package Manager CPIO Header NameSize Integer Overflow (CVE-2014-8118)
A code execution vulnerability exists in RPM package manager. The vulnerability is due to an integer overflow when parsing the CPIO header in the payload section of an RPM file, leading to a stack buffer overflow. A remote attacker can exploit this vulnerability by enticing a user to install a...
CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
DEBIAN-CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
Integer overflow
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
UBUNTU-CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
Scientific Linux Security Update : rpm on SL7.x x86_64 (20141209)
It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and...
Mandriva Linux Security Advisory : rpm (MDVSA-2014:251)
Updated rpm packages fix security vulnerabilities : It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system...
Amazon Linux AMI : rpm (ALAS-2014-458)
It was found that RPM could encounter an integer overflow, leading to a stack-based overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during...
rpm: integer overflow and stack overflow in CPIO header parsing
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
PT-2014-8414 · Rpm +5 · Rpm +5
Name of the Vulnerable Software and Affected Versions: RPM versions 4.12 and earlier Description: The issue is caused by an integer overflow in RPM, allowing remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file. This triggers a stack-based...