5 matches found
EUVD-2012-0098
Malware in sbrugna...
SUSE CVE-2012-0060
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an invalid region tag in a package header to the 1 headerLoad, 2 rpmReadSignature, or 3 headerVerify function...
Oracle Linux 5 / 6 : rpm (ELSA-2012-0451)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0451 advisory. - Proper region tag validation on package/header read CVE-2012-0060 - Double-check region size against header size CVE-2012-0061 Tenable has...
rpm: improper validation of header contents total size in headerLoad()
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large region size in a package header...
rpm security update
4.8.0-19.1 - Proper region tag validation on package/header read CVE-2012-0060 - Double-check region size against header size CVE-2012-0061 - Validate negated offsets too in headerVerifyInfo CVE-2012-0815...