CVE-2011-3378 in RPMinfo

Zusammenfassung

von MITRE

RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

30.08.2011

Veröffentlichung

24.12.2011

Moderieren

akzeptiert

Eintrag

VDB-59793

CPE

bereit

CWE

CWE-94 (bestätigt)

CVSS

9.3 (NVD)

EPSS

0.06042

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-3378
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-3378
CVE Details	https://www.cvedetails.com/cve/CVE-2011-3378/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!