RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service

RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an invalid region tag in a package header to the 1 headerLoad, 2 rpmReadSignature, or 3 headerVerify function...

SUSE CVE-2012-0061

The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large region size in a package header...

Hardcoded credentials

The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large region size in a package header...

Design/Logic Flaw

RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an invalid region tag in a package header to the 1 headerLoad, 2 rpmReadSignature, or 3 headerVerify function...

CVE-2012-0061

The CVE-2012-0061 issue affects the RPM package manager prior to version 4.9.1.3. The flaw is in the headerLoad function (lib/header.c) where region tags are not properly validated, allowing a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a large ...

CVE-2012-0061

The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large region size in a package header...

CVE-2012-0061

The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large region size in a package header...

Memory corruption

RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to 1 the...