CVE-2012-0060
EUVD-2012-009804.06.2012, 20:55
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| rpm | rpm | 𝑥 ≤ 4.9.1.2 |
| rpm | rpm | 1.2 |
| rpm | rpm | 1.3 |
| rpm | rpm | 1.3.1 |
| rpm | rpm | 1.4 |
| rpm | rpm | 1.4.1 |
| rpm | rpm | 1.4.2 |
| rpm | rpm | 1.4.2\/a |
| rpm | rpm | 1.4.3 |
| rpm | rpm | 1.4.4 |
| rpm | rpm | 1.4.5 |
| rpm | rpm | 1.4.6 |
| rpm | rpm | 1.4.7 |
| rpm | rpm | 2.0 |
| rpm | rpm | 2.0.1 |
| rpm | rpm | 2.0.2 |
| rpm | rpm | 2.0.3 |
| rpm | rpm | 2.0.4 |
| rpm | rpm | 2.0.5 |
| rpm | rpm | 2.0.6 |
| rpm | rpm | 2.0.7 |
| rpm | rpm | 2.0.8 |
| rpm | rpm | 2.0.9 |
| rpm | rpm | 2.0.10 |
| rpm | rpm | 2.0.11 |
| rpm | rpm | 2.1 |
| rpm | rpm | 2.1.1 |
| rpm | rpm | 2.1.2 |
| rpm | rpm | 2.2 |
| rpm | rpm | 2.2.1 |
| rpm | rpm | 2.2.2 |
| rpm | rpm | 2.2.3 |
| rpm | rpm | 2.2.3.10 |
| rpm | rpm | 2.2.3.11 |
| rpm | rpm | 2.2.4 |
| rpm | rpm | 2.2.5 |
| rpm | rpm | 2.2.6 |
| rpm | rpm | 2.2.7 |
| rpm | rpm | 2.2.8 |
| rpm | rpm | 2.2.9 |
| rpm | rpm | 2.2.10 |
| rpm | rpm | 2.2.11 |
| rpm | rpm | 2.3 |
| rpm | rpm | 2.3.1 |
| rpm | rpm | 2.3.2 |
| rpm | rpm | 2.3.3 |
| rpm | rpm | 2.3.4 |
| rpm | rpm | 2.3.5 |
| rpm | rpm | 2.3.6 |
| rpm | rpm | 2.3.7 |
| rpm | rpm | 2.3.8 |
| rpm | rpm | 2.3.9 |
| rpm | rpm | 2.4.1 |
| rpm | rpm | 2.4.2 |
| rpm | rpm | 2.4.3 |
| rpm | rpm | 2.4.4 |
| rpm | rpm | 2.4.5 |
| rpm | rpm | 2.4.6 |
| rpm | rpm | 2.4.8 |
| rpm | rpm | 2.4.9 |
| rpm | rpm | 2.4.11 |
| rpm | rpm | 2.4.12 |
| rpm | rpm | 2.5 |
| rpm | rpm | 2.5.1 |
| rpm | rpm | 2.5.2 |
| rpm | rpm | 2.5.3 |
| rpm | rpm | 2.5.4 |
| rpm | rpm | 2.5.5 |
| rpm | rpm | 2.5.6 |
| rpm | rpm | 2.6.7 |
| rpm | rpm | 3.0 |
| rpm | rpm | 3.0.1 |
| rpm | rpm | 3.0.2 |
| rpm | rpm | 3.0.3 |
| rpm | rpm | 3.0.4 |
| rpm | rpm | 3.0.5 |
| rpm | rpm | 3.0.6 |
| rpm | rpm | 4.0. |
| rpm | rpm | 4.0.1 |
| rpm | rpm | 4.0.2 |
| rpm | rpm | 4.0.3 |
| rpm | rpm | 4.0.4 |
| rpm | rpm | 4.1 |
| rpm | rpm | 4.3.3 |
| rpm | rpm | 4.4.2.1 |
| rpm | rpm | 4.4.2.2 |
| rpm | rpm | 4.4.2.3 |
| rpm | rpm | 4.5.90 |
| rpm | rpm | 4.6.0 |
| rpm | rpm | 4.6.0:rc1 |
| rpm | rpm | 4.6.0:rc2 |
| rpm | rpm | 4.6.0:rc3 |
| rpm | rpm | 4.6.0:rc4 |
| rpm | rpm | 4.6.1 |
| rpm | rpm | 4.7.0 |
| rpm | rpm | 4.7.1 |
| rpm | rpm | 4.7.2 |
| rpm | rpm | 4.8.0 |
| rpm | rpm | 4.8.1 |
| rpm | rpm | 4.9.0 |
| rpm | rpm | 4.9.0:alpha |
| rpm | rpm | 4.9.0:beta1 |
| rpm | rpm | 4.9.0:rc1 |
| rpm | rpm | 4.9.1 |
| rpm | rpm | 4.9.1.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References